[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Disabling interactive init on Debian

Michel Loos <loos@qt1.iq.usp.br> writes:
> This is the default in Debian (in lilo.conf) but it is not
> necessary, even if the guy in front of the computer types the usual:
> linux single :he will not get root access to your computer without
> knowing the passwd. (At least on testing with a 2.4.x kernel).

Fortunately, it's just as easy to type 'linux init=/bin/sh' and get a
root shell that way (with no services running and with filesystems
mounted read-only).

> If he wants access, he can always boot on a floppy or CD and do
> whatever he wants to.  You will have to disable (in the BIOS)
> floppy/CD booting AND put a BIOS passwd or all this is for nothing.

I think it's also possible to set a password on LILO.  But in general,
you probably want to make sure that the machine is physically secure
if this sort of thing is a concern.

-- 
David Maze         dmaze@debian.org      http://people.debian.org/~dmaze/
"Theoretical politics is interesting.  Politicking should be illegal."
	-- Abra Mitchell
Reply to: