[CLUE-Tech] Redhat 7.2: No password for init 1
David Jackson
david.j.jackson at pickledbeans.com
Sun May 19 23:10:59 MDT 2002
Jeremy --
That looks simple enough.
I at a lost to explain why Redhat does this?
Solaris, Debian and Slackware don't.
The ~~ is part of the command correct?
Thanks,
David
> Yup... This is what I've started doing:
>
> /etc/inittab:
> ~~:S:wait:/sbin/sulogin
>
> Jeremy
> ----- Original Message -----
> From: "David Jackson" <david.j.jackson at pickledbeans.com>
> To: <clue-tech at clue.denver.co.us>
> Sent: Sunday, May 19, 2002 12:29 PM
> Subject: [CLUE-Tech] Redhat 7.2: No password for init 1
>
>
>> All --
>> This has to be a old question, but when bring the box down to single
>> user mode, it doesnt' ask for a password? Just dumps to a root prompt?
>>
>> Which if it happened following a panic, would seem to me as a sercuity
>> risk? Can I force it ask for a password?
>>
>> Thanks,
>> David
>>
>> --
>>
>>
>> _______________________________________________
>> CLUE-Tech mailing list
>> CLUE-Tech at clue.denver.co.us
>> http://clue.denver.co.us/mailman/listinfo/clue-tech
>>
>
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
--
Received: from tummy.com (IDENT:aBQAysb2ILnCqIYIK48jjdKeEa7y9Dnq at secure.tummy.com [198.49.126.3])
by clue.denver.co.us (8.9.3/8.9.3) with SMTP id AAA01295
for <clue-tech at clue.denver.co.us>; Mon, 20 May 2002 00:08:26 -0600
Received: (qmail 844 invoked by uid 10); 20 May 2002 06:10:25 -0000
Received: (qmail 3966 invoked by uid 500); 20 May 2002 05:55:45 -0000
Date: Sun, 19 May 2002 23:55:45 -0600
From: Sean Reifschneider <jafo at tummy.com>
To: clue-tech at clue.denver.co.us
Cc: jhuber at fallenknight.org
Subject: Re: [CLUE-Tech] Redhat 7.2: No password for init 1
Message-ID: <20020519235545.A2884 at tummy.com>
References: <000601c1ff76$722f2280$0101a8c0 at fallenknight.org> <3168.63.165.196.32.1021871459.cqhost at webmail.cqhost.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <3168.63.165.196.32.1021871459.cqhost at webmail.cqhost.com>; from david.j.jackson at pickledbeans.com on Mon, May 20, 2002 at 01:10:59AM -0400
Sender: clue-tech-admin at clue.denver.co.us
Errors-To: clue-tech-admin at clue.denver.co.us
X-BeenThere: clue-tech at clue.denver.co.us
X-Mailman-Version: 2.0beta2
Precedence: bulk
Reply-To: clue-tech at clue.denver.co.us
List-Id: CLUE technical discussions, questions and answers. <clue-tech.clue.denver.co.us>
On Mon, May 20, 2002 at 01:10:59AM -0400, David Jackson wrote:
>I at a lost to explain why Redhat does this?
>Solaris, Debian and Slackware don't.
Well, part of the justification for allowing it is that if you have
physical access to the box, all bets are off... Throwing up a login prompt
doesn't really help security when you can just as easily do init=/bin/sh,
boot from a floppy or CD and mount up the file-system, or for a little more
effort you can pop the drive into another box, boot up on it's primary
disc, and modify away to your heart's content...
Sean
--
Program *INTO* a language, not *IN* it.
-- David Gries
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python
More information about the clue-tech
mailing list