[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Why is there a prompt for a root shell when the default linux kernel boots?



#include <hallo.h>
Javier Fernández-Sanguino Peña wrote on Tue Apr 30, 2002 um 03:50:27PM:
> 	Culd someone explain why is there a root shell prompt for the
> Linux kernel:
> 
> "Press ENTER to obtain a shell" (waits 5 seconds)

This is a default for the initrd's linuxrc. You installed one of our
official 2.4.x kernels.

> 	This seems something related to the cramfs filesystem (ramdisk)
> but I'm not knowledgeable about it. I would like:
> 
> 1.- an explanation on why this is shipped by default (to add it to the
> "Securing Debian Manual" 

Sense? This prompt is good for loading some modules when the
autodetection fails, so it is only used in seldom cases.

> 2.- someone to step up an explain how to disable this behavior
> 
> IMHO the boot-floppies kernel should not ship with this option enabled

We do not.

> (whatever this is for). I was quite surprised when I saw this but a user
> has just mailed me asking for an answer on why does Debian woody ships

Dito. Show me a system with such "problem" after a fresh installation.

> 	Javi
> ("Securing Debian Manual" editor/author FYI)

Security, soso. Well, since this rescue environment has an executable
shell with root permissions, it _may_ be a security hole, since you can
damage partitions easily, for example. To disable this shell, edit
/etc/mkinitrd/mkinitrd.conf and set DELAY=0. Then recreate the initrd
image (dpkg-reconfigure kernel-image-2.4.x-yz).

Gruss/Regards,
Eduard.
-- 
We are the OE of Borg. You will be quoted awfully. Sigtrenner is futile.

Attachment: pgpDO7REH9N1c.pgp
Description: PGP signature


Reply to: