Re: Disabling interactive init on Debian
Michel Loos <loos@qt1.iq.usp.br> writes:
> This is the default in Debian (in lilo.conf) but it is not
> necessary, even if the guy in front of the computer types the usual:
> linux single :he will not get root access to your computer without
> knowing the passwd. (At least on testing with a 2.4.x kernel).
Fortunately, it's just as easy to type 'linux init=/bin/sh' and get a
root shell that way (with no services running and with filesystems
mounted read-only).
> If he wants access, he can always boot on a floppy or CD and do
> whatever he wants to. You will have to disable (in the BIOS)
> floppy/CD booting AND put a BIOS passwd or all this is for nothing.
I think it's also possible to set a password on LILO. But in general,
you probably want to make sure that the machine is physically secure
if this sort of thing is a concern.
--
David Maze dmaze@debian.org http://people.debian.org/~dmaze/
"Theoretical politics is interesting. Politicking should be illegal."
-- Abra Mitchell
Reply to: