[ale] Trivial Breakin to RH-4.0 -- What's happening?
Chris Ricker
gt1355b at prism.gatech.edu
Thu Dec 12 18:29:58 EST 1996
On Thu, 12 Dec 1996, John M. Mills wrote:
>
> 1. reboot the system
> 2. at 'LILO:' prompt, boot as 'linux 1'
> 3. at 'login:' prompt, _start_ to enter a username( 'ro'), and:
>
> VOILA -- I am at root permission in bash -- no login, no password!!!
> Maybe I didn't even have to type at (3) -- I didn't try just waiting.
>
> The kernel is 2.0.18.
>
> What's happening, and more important, how can it be controlled? I don't think
> "there's no security when the computer is physically accessible" is quite
> the answer -- at least I would expect an intruder to need some kind of
> diskette!
What's happening is you're booting up in single-user mode, so you have
root access. If you want to require a password for single-user mode, edit
your lilo.conf. In the section that specifies your linux image (the part
starting out something like "image=/linux", as I gather you have yours set
up), add two lines:
password=<something you won't forget here>
restricted
Save, run lilo, and reboot. Now, you'll have to enter a password whenever
you pass command-line options to linux ("linux" at the lilo prompt won't
require a password; "linux 1" or "linux cdu31a_irq=10", for example,
will). If you want to always have a password, take out the restricted
line.
Turning off boot/seek from floppy, adding password to lilo, and removing
the <ctrl>-<alt>-<del> trap are about all you can do to protect it from
console attack (though people who have physical access can always just
pull the plug ;-).
later,
chris
--
Chris Ricker gt1355b at prism.gatech.edu
"All the world's a stage and most of us are desperately unrehearsed."
-- Sean O'Casey
More information about the Ale
mailing list