[2107] in RedHat Linux List
Re: Is "linux single" a security concern?
daemon@ATHENA.MIT.EDU (Alex Mottram)
Thu Oct 31 17:13:09 1996
Date: Thu, 31 Oct 1996 16:08:10 -0600 (CST)
From: Alex Mottram <alex@mail.net-connect.net>
To: redhat-list@redhat.com
In-Reply-To: <199610312136.QAA00435@hexagram.brickandivy.com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
On Thu, 31 Oct 1996, Chris Powell wrote:
> I booted my box to try out the "linux single" lilo option, and I'm concerned
> that the resulting unprotected root shell is a fairly serious security
> concern.
>
> Not all machines can be physically secured (e.g. in a large office building,
> perhaps) and it seems that it would be a trivial way to gain root access to
> any Linux box.
>
> Am I misunderstanding something fairly obvious here?
>
> Thanks,
> Chris Powell
>
from "man lilo.conf"
password=password
Protect the image by a password.
restricted
A password is only required to boot the image if
parameters are specified on the command line (e.g.
single).
:)
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-Errata
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
