Re: Passwordless root shell is offered when boot problem occurs.

Sthu Deus (sthu.deus@gmail.com on 2011-12-03 17:53 +0700):
> >[..] A standard Debian config
> >should not offer a passwordless root shell unless you explicitly ask
> >for it,
> Oh, no! I didn't! :)
> Do You have an idea where to look for that? - I have no ideas,
> absolutely.

Just as a pointer, you can get a passwordless root shell by:

- interrupting initramfs: specify break=init on the kernel command line
- overriding init: specify init=/bin/bash on the kernel command line
- configuring inittab: either add a bootwait line spawning /bin/*sh
  or tell getty to bypass login with -l /bin/*sh
- setting SULOGIN=yes in /etc/default/rcS, and either
  a) locking the root account (passwd -l root), which will give you
     "sulogin: root account is locked, starting shell"
  b) deleting root's password (passwd -d root), which will give you
     "Press enter for maintenance(or type Control-D to continue)"

All four methods above will give you an unconditional root shell. Since
yours only spawns on error, none of the above applies.

> On the other hand, if we pursue this idea - that physical access makes
> a host absolutely undefended - we can let the root account be
> password-less - for why worry?

Setting a root password will still protect you from remote users that
have access to login programs (such as su). Locking the root account
reduces the attack surface to your sudoers configuration.
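
An audit for the four configurations listed in the message above, added here as an example and not part of the original post. The function names and the report strings are hypothetical; the file paths and settings are the ones the message names, and the locked-account check assumes the '!' prefix that passwd -l writes to /etc/shadow.

```python
import re

SHELL = re.compile(r"/bin/\w*sh\b")  # /bin/sh, /bin/bash, /bin/dash, ...

def audit_cmdline(cmdline):
    """Kernel parameters that stop in the initramfs or replace init with a shell."""
    out = []
    for word in cmdline.split():
        if word == "break" or word.startswith("break="):
            out.append(f"cmdline: {word} (initramfs shell)")
        elif word.startswith("init=") and SHELL.search(word):
            out.append(f"cmdline: {word} (shell as init)")
    return out

def audit_inittab(text):
    """bootwait entries that spawn a shell, and getty lines that bypass login."""
    out = []
    for line in text.splitlines():
        fields = line.strip().split(":", 3)  # id:runlevels:action:process
        if line.lstrip().startswith("#") or len(fields) != 4:
            continue
        ident, _, action, process = fields
        if action == "bootwait" and SHELL.search(process):
            out.append(f"inittab: {ident} bootwait spawns a shell")
        elif "getty" in process and re.search(r"\s-l\s+/bin/\w*sh\b", process):
            out.append(f"inittab: {ident} getty -l bypasses login")
    return out

def audit_sulogin(rcs, shadow):
    """SULOGIN=yes combined with a locked or empty root password field."""
    if not re.search(r"^\s*SULOGIN=yes\s*$", rcs, re.M):
        return []
    for line in shadow.splitlines():
        fields = line.split(":")
        if fields[0] == "root" and len(fields) > 1:
            if fields[1] == "":
                return ["sulogin: SULOGIN=yes and root has no password"]
            if fields[1].startswith("!"):  # passwd -l prefixes the hash with '!'
                return ["sulogin: SULOGIN=yes and root is locked"]
    return []

def read(path):
    try:
        with open(path) as f:
            return f.read()
    except OSError:
        return ""  # missing or unreadable file: nothing to report

if __name__ == "__main__":
    found = (audit_cmdline(read("/proc/cmdline")) + audit_inittab(read("/etc/inittab"))
             + audit_sulogin(read("/etc/default/rcS"), read("/etc/shadow")))
    print("\n".join(found) or "no passwordless root shell configuration found")
```

Run it as root so that /etc/shadow is readable; without that the SULOGIN check reports nothing.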


