[2182] in RedHat Linux List
Re: Is "linux single" a security concern?
daemon@ATHENA.MIT.EDU (Donnie Barnes)
Fri Nov 1 08:05:40 1996
To: redhat-list@redhat.com
In-reply-to: Your message of "Thu, 31 Oct 1996 13:53:21 PST."
<199610312153.OAA03844@amphlem.corp.apple.com>
Date: Fri, 01 Nov 1996 08:03:03 -0500
From: Donnie Barnes <djb@redhat.com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
Your message on: Thu, 31 Oct 1996 13:53:21 PST
>
>>I booted my box to try out the "linux single" lilo option, and I'm concerned
>>that the resulting unprotected root shell is a fairly serious security
>>concern.
>>
>>Not all machines can be physically secured (e.g. in a large office building,
>>perhaps) and it seems that it would be a trivial way to gain root access to
>>any Linux box.
>>
>Yes this is a security hole but it can be fixed somewhat with a password=
>line in you lilo.conf. which will cause lilo to have a password
Don't forget to chmod 600 /etc/lilo.conf if you do that, or anyone
with an account on that machine can easily see the password...
--Donnie
--
Donnie Barnes http://www.redhat.com/~djb "Bah."
djb@redhat.com http://www.turner.com/lazarusman/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
_Things You'd NEVER Expect A Southerner To Say_ by Vic Henley:
** I hate the long version of ``Free Bird''.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-Errata
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
