[2102] in RedHat Linux List
Re: Is "linux single" a security concern?
daemon@ATHENA.MIT.EDU (Eric S. Pulley)
Thu Oct 31 17:03:52 1996
To: redhat-list@redhat.com
In-reply-to: Your message of "Thu, 31 Oct 1996 16:36:58 EST."
<199610312136.QAA00435@hexagram.brickandivy.com>
Date: Thu, 31 Oct 1996 13:53:21 -0800
From: "Eric S. Pulley" <pulley@apple.com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
>I booted my box to try out the "linux single" lilo option, and I'm concerned
>that the resulting unprotected root shell is a fairly serious security
>concern.
>
>Not all machines can be physically secured (e.g. in a large office building,
>perhaps) and it seems that it would be a trivial way to gain root access to
>any Linux box.
>
Yes this is a security hole but it can be fixed somewhat with a password=
line in you lilo.conf. which will cause lilo to have a password
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-Errata
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
