Re: Passwordless root shell is offered when boot problem occurs.
Sthu Deus (email@example.com on 2011-12-03 17:53 +0700):
> >[..] A standard Debian config
> >should not offer a passwordless root shell unless you explicitly ask
> >for it,
> Oh, no! I didn't! :)
> Do You have an idea where to look for that? - I have no ideas,
Just as a pointer, you can get a passwordless root shell by:
- interrupting initramfs: specify break=init on the kernel command
  line
- overriding init: specify init=/bin/bash on the kernel command line
- configuring inittab: either add a bootwait line spawning /bin/*sh
  or tell getty to bypass login with -l /bin/*sh
- setting SULOGIN=yes in /etc/default/rcS, and either
  a) locking the root account (passwd -l root), which will give you
     "sulogin: root account is locked, starting shell"
  b) deleting root's password (passwd -d root), which will give you
     "Press enter for maintenance(or type Control-D to continue)"
All four methods above will give you an unconditional root shell. Since
yours only spawns on error, none of the above applies.
> On other hand, if we pursue this idea - that physical access makes a
> host absolutely undefended, - we can let root account to be
> password-less - for why worrying?
Setting a root password will still protect you from remote users that
have access to login programs (such as su). Locking the root account
reduces the attack surface to your sudoers configuration.
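
An audit sketch for the four configurations listed in the message above, added here as an example and not part of the original message. The function names, finding strings and sample inputs are constructed for illustration; on a real host you would pass in the contents of /proc/cmdline, /etc/inittab, /etc/default/rcS and /etc/shadow.

```python
import re
SHELL = re.compile(r"^/(?:usr/)?bin/\w*sh$")  # /bin/sh, /bin/bash, /bin/dash, ...

def audit_cmdline(cmdline):
    """Kernel command line (e.g. /proc/cmdline): break[=stage] and init=<shell>."""
    findings = []
    for arg in cmdline.split():
        key, _, value = arg.partition("=")
        if key == "break":
            findings.append("cmdline: %s stops the initramfs in a root shell" % arg)
        elif key == "init" and SHELL.match(value):
            findings.append("cmdline: %s replaces init with a shell" % arg)
    return findings

def audit_inittab(text):
    """inittab entries are id:runlevels:action:process."""
    findings = []
    for line in text.splitlines():
        fields = line.strip().split(":", 3)
        if line.lstrip().startswith("#") or len(fields) != 4:
            continue
        ident, _, action, process = fields
        words = process.split()
        if action == "bootwait" and any(SHELL.match(w) for w in words):
            findings.append("inittab %s: bootwait spawns a shell" % ident)
        for flag, arg in zip(words, words[1:]):
            if "getty" in words[0] and flag == "-l" and SHELL.match(arg):
                findings.append("inittab %s: getty -l %s bypasses login" % (ident, arg))
    return findings

def audit_sulogin(rcs_text, shadow_text):
    """SULOGIN=yes combined with a locked ('!' prefix) or empty root password."""
    enabled = re.search(r"^\s*SULOGIN=[\"']?yes\b", rcs_text, re.M) is not None
    for line in shadow_text.splitlines():
        name, _, rest = line.partition(":")
        pw = rest.split(":")[0]
        if enabled and name == "root" and (pw == "" or pw.startswith("!")):
            return ["rcS: SULOGIN=yes and root is %s" % ("locked" if pw else "passwordless")]
    return []

# Constructed sample inputs, not taken from any real host.
SAMPLE_CMDLINE = "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet init=/bin/bash"
SAMPLE_INITTAB = ("id:2:initdefault:\nrs:S:bootwait:/bin/sh\n1:2345:respawn:/sbin/getty 38400 tty1\n"
                  "2:23:respawn:/sbin/getty -l /bin/bash 38400 tty2\n")
SAMPLE_RCS = "TMPTIME=0\nSULOGIN=yes\n"
SAMPLE_SHADOW = "root:!$6$constructed:15310:0:99999:7:::\n"

if __name__ == "__main__":
    print("\n".join(audit_cmdline(SAMPLE_CMDLINE) + audit_inittab(SAMPLE_INITTAB)
                    + audit_sulogin(SAMPLE_RCS, SAMPLE_SHADOW)))
```

An empty result from all three functions matches the situation described in the message, where a shell that only appears on boot errors comes from somewhere other than these four settings.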