[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Passwordless root shell is offered when boot problem occurs.

On Fri, 02 Dec 2011 14:04:15 +0700, Sthu Deus wrote:

> Thank You for Your time and answer, Camaleón:
>>>>You mean "Busybox"? :-?
>>> I do not know - it appears when something wrong during boot process.
>>It should be printed out, something like:
>>BusyBox v1.10.2 (Debian x-x-x-x) Built-in shell (xxx) ***
> Oh, no. It's not my case. Nor I have the packages installed.

Hmmm... are you sure? It is installed by default in all of my Lenny 
systems and also in wheezy.

sm01@stt008:~$ dpkg -l | grep busy
ii  busybox                              1:1.10.2-2                 Tiny utilities for small and embedded system

>>If that's what you get it cames out when there is a problem when
>>booting, for instance, a missing kernel module for the hard disk
>>controller, a bad hard disk identifier at GRUB's menu file, etc. So
>>instead having you no option at all and display a black screen (because
>>the system is halted), we are presented with the BusyBox.
> That's great, just why not to protect it w/ a password prompt? - Or
> again, "nobody listening, no exploits are available", etc?! ;o)

It is very easy to access into a system when you stand in front of it, I 
mean, when you have physical access to the computer. Unless you have 
secured GRUB with a password, you can append "init=/bin/sh" to the kernel 
line at boot menu and then again, no password will be prompted for you.

>>> That's good, but how I can provide password prompting? I remember in
>>> past times there was a prompt for Ctrl-d to press and type root's
>>> password.
>>I think that's a different thing :-?
> For sure, it is.
>>For example, when you go fall into "init 1" you are prompted with root's
>>password to get into the maintenance console or continue by pressing
>>Ctrl +D, so here you are indeed asked for root's password because you
>>are inside the full shell and not inside the limited BusyBox
> So, where I get into - in my case - having no busybox installed, yet
> password-less root shell is granted? 8-0

I'm not sure about the scenario you are describing... I think busybox is 
installed by default and comes up when there are boot problems.



Reply to: