On Tue, 2003-03-04 at 14:26, Christian Perle wrote: > Hi Peter, > > On Tue, Mar 04, 2003 at 01:48:15 +0100, Peter -lastfuture- Marquardt wrote: > > > single user mode requires root to specify a password, init=/bin/bash > > causes kernel panic, linux.old is skipped when writing lilo to the mbr. > > Why does init=/bin/bash cause a kernel panic? > Works perfectly for me. strange, it causes kernel panic for me... interesting... -humms- i wonder what klaus knopper has to say about that. > I don't believe in local security. You can't secure a machine to which > other people have physical access. They can boot from CDROM or floppy, open > the computer, remove the hard disk, reset the bios password (by > removing the battery)... > So setting a LILO password is fake security. sure, i totally agree with you, but you can at least make it harder for the potential attacker... if you see it like that you can as well remove your root password.. there you go, it's fake security anyway. booting into a passwordless shell where you are able to remount / writable is something different than having to remove the hard drive in order to plug it into another pc. the latter will require much more time and will less likely occur unnoticed. it's also harder to do, so the attacker thinks twice. therefore you set a password, and therefore you make the lilo.conf only readable for root... sure there will be a way to read it, but hey, at least it's more secure. it's not that you need to type the password every time you boot, you know. only when you specify arguments to the kernel. and when do you ever need that? regards --lasty
Attachment:
signature.asc
Description: This is a digitally signed message part