Re: Passwordless root shell is offered when boot problem occurs.

To: debian-user@lists.debian.org
Subject: Re: Passwordless root shell is offered when boot problem occurs.
From: Camaleón <noelamac@gmail.com>
Date: Sat, 3 Dec 2011 14:55:14 +0000 (UTC)
Message-id: <[🔎] pan.2011.12.03.14.55.12@gmail.com>
References: <4ed32ea3.0611cc0a.0f76.ffffe07e@mx.google.com> <pan.2011.11.28.15.16.18@gmail.com> <[🔎] 4ed7b006.42a4cc0a.043b.5499@mx.google.com> <[🔎] pan.2011.12.01.17.05.09@gmail.com> <[🔎] 4ed87872.8872cd0a.0b8a.ffffe1e3@mx.google.com>

On Fri, 02 Dec 2011 14:04:15 +0700, Sthu Deus wrote:

> Thank You for Your time and answer, Camaleón:
> 
>>>>You mean "Busybox"? :-?
>>> 
>>> I do not know - it appears when something wrong during boot process.
>>
>>It should be printed out, something like:
>>
>>***
>>BusyBox v1.10.2 (Debian x-x-x-x) Built-in shell (xxx) ***
> 
> Oh, no. It's not my case. Nor I have the packages installed.

Hmmm... are you sure? It is installed by default in all of my Lenny 
systems and also in wheezy.

sm01@stt008:~$ dpkg -l | grep busy
ii  busybox                              1:1.10.2-2                 Tiny utilities for small and embedded system

>>If that's what you get it cames out when there is a problem when
>>booting, for instance, a missing kernel module for the hard disk
>>controller, a bad hard disk identifier at GRUB's menu file, etc. So
>>instead having you no option at all and display a black screen (because
>>the system is halted), we are presented with the BusyBox.
> 
> That's great, just why not to protect it w/ a password prompt? - Or
> again, "nobody listening, no exploits are available", etc?! ;o)

It is very easy to access into a system when you stand in front of it, I 
mean, when you have physical access to the computer. Unless you have 
secured GRUB with a password, you can append "init=/bin/sh" to the kernel 
line at boot menu and then again, no password will be prompted for you.

>>> That's good, but how I can provide password prompting? I remember in
>>> past times there was a prompt for Ctrl-d to press and type root's
>>> password.
>>
>>I think that's a different thing :-?
> 
> For sure, it is.
> 
>>For example, when you go fall into "init 1" you are prompted with root's
>>password to get into the maintenance console or continue by pressing
>>Ctrl +D, so here you are indeed asked for root's password because you
>>are inside the full shell and not inside the limited BusyBox
>>environment.
> 
> So, where I get into - in my case - having no busybox installed, yet
> password-less root shell is granted? 8-0

I'm not sure about the scenario you are describing... I think busybox is 
installed by default and comes up when there are boot problems.

Greetings,

-- 
Camaleón

Reply to:

References:
- Re: Passwordless root shell is offered when boot problem occurs.
  - From: Sthu Deus <sthu.deus@gmail.com>
- Re: Passwordless root shell is offered when boot problem occurs.
  - From: Camaleón <noelamac@gmail.com>
- Re: Passwordless root shell is offered when boot problem occurs.
  - From: Sthu Deus <sthu.deus@gmail.com>

Prev by Date: Re: Can I help?
Next by Date: Re: pasuspender syntax
Previous by thread: Re: Passwordless root shell is offered when boot problem occurs.
Next by thread: Re: Passwordless root shell is offered when boot problem occurs.
Index(es):
- Date
- Thread