On Sun, Apr 18, 1999 at 07:32:44PM +0200, Marek Habersack wrote: > Yes, I like the solution with sash, but it requires some tweaking as > compared to the current Debian setup. One has to either > > 1) specify the shell to invoke at the LILO prompt and I bet that most users > and majority of admins doesn't care to take a look at the LILO doc or > sulogin(8) manpage > 2) changing the boot scripts to set SUSHELL to shash > 3) change sulogin to use the toor account in the single mode So you're currently trying to account for the situation where someone can figure out how to recover from a terminally inconsistent installation (from user error, dpkg error, etc.) but can't figure out how to type "linux init=/bin/sash", add a new user, or boot from rescue media? I just don't think this is a large enough segment of the user base (1? 2?) to justify the changes, even if they are simple. Adding a new root user opens a whole new security issue (does everyone know to take special precautions for the toor account like changing the password frequently, making sure toor can't ftp in, etc.?) And no static package can possibly provide the level of protection you'd get from booting off floppy or cd, so you ought to have one or the other around anyway... Mike Stone
Attachment:
pgpXYzAZylupX.pgp
Description: PGP signature