Re: Passwordless root shell is offered when boot problem occurs.
On Fri, 02 Dec 2011 14:04:15 +0700, Sthu Deus wrote:
> Thank You for Your time and answer, Camaleón:
>>>>You mean "Busybox"? :-?
>>> I do not know - it appears when something wrong during boot process.
>>It should be printed out, something like:
>>BusyBox v1.10.2 (Debian x-x-x-x) Built-in shell (xxx) ***
> Oh, no. It's not my case. Nor I have the packages installed.
Hmmm... are you sure? It is installed by default in all of my Lenny
systems and also in wheezy.
sm01@stt008:~$ dpkg -l | grep busy
ii busybox 1:1.10.2-2 Tiny utilities for small and embedded system
>>If that's what you get it cames out when there is a problem when
>>booting, for instance, a missing kernel module for the hard disk
>>controller, a bad hard disk identifier at GRUB's menu file, etc. So
>>instead having you no option at all and display a black screen (because
>>the system is halted), we are presented with the BusyBox.
> That's great, just why not to protect it w/ a password prompt? - Or
> again, "nobody listening, no exploits are available", etc?! ;o)
It is very easy to access into a system when you stand in front of it, I
mean, when you have physical access to the computer. Unless you have
secured GRUB with a password, you can append "init=/bin/sh" to the kernel
line at boot menu and then again, no password will be prompted for you.
>>> That's good, but how I can provide password prompting? I remember in
>>> past times there was a prompt for Ctrl-d to press and type root's
>>I think that's a different thing :-?
> For sure, it is.
>>For example, when you go fall into "init 1" you are prompted with root's
>>password to get into the maintenance console or continue by pressing
>>Ctrl +D, so here you are indeed asked for root's password because you
>>are inside the full shell and not inside the limited BusyBox
> So, where I get into - in my case - having no busybox installed, yet
> password-less root shell is granted? 8-0
I'm not sure about the scenario you are describing... I think busybox is
installed by default and comes up when there are boot problems.