Re: [suse-security] disable init=/bin/sh?
Frank Steiner wrote:
Hi,
just stepped on this option to type "linux init=/bin/sh" at the boot prompt, which gives me a root shell. For me, that's really a security problem: We have some computers here which we cannot protect with boot-passwords because they have to come up automatically after a power drop. Can I somehow disable this possibility of passing an alternative init-parameter for my SuSE 6.4?
Best regards, Frank
If you use lilo to boot your box, just append a line restricted password = what_ever_your_password_should_be into the per image section. The bad thig is, that the password is not crypted. So you have to secure your /etc/lilo.conf: make a link to the floppy device and use a floppy whenever you install lilo. The good thing is, that booting without password is possible, but that password is required whenever a parameter to the image is typed in. I hope that helps... Greetings, Juergen --------------------------------------------------------------------- Jürgen Ellinger Siemensstraße 44 88250 Weingarten e-mail: ellinger@informatik.uni-tuebingen.de ellinger@student.uni-tuebingen.de ellinger@spohn.rv.bw.schule.de
Juergen Ellinger wrote:
restricted password = what_ever_your_password_should_be
If you need this kind of security you will also need to set up your BIOS to disallow booting from floppy or CDrom, set a BIOS password and have some kind of mechanical security to avoid removal of hard disk. If you do not perform these steps acess to hardware still means root. What about crypto filesystem? -- \ J. Dollinger Uni Ulm | zeitnot@irc | http://www.home.pages.de/~zeitnot/ \ "What're quantum mechanics?" -- "I don't know. People who / \ repair quantums, I suppose." (Terry Pratchett, Eric) /
ar> If you need this kind of security you will also need to set up your ar> BIOS to disallow booting from floppy or CDrom, set a BIOS password and Forget it, every BIOS has master-passwords! mfg ar --- Und nun der Footer! ----------------- PLEASE send mails *only* in pure ASCII, no vCards, attaches in non-proprietary portable formats! Thanks! ----------------------------------------- mailto:andreas@rittershofer.de http://www.rittershofer.de ----------------------------------------- PGP-Public-Key http://www.rittershofer.de/ari.htm -----------------------------------------
hi On Tue, 26 Sep 2000, [iso-8859-1] J�rgen Dollinger wrote:
What about crypto filesystem?
Nice idea.. it set me thinkin, i want to have a public key/private key type or just simple encryption. when i compile the kernel, i add a password function that decrypts the file system when finding init. the password must ofcourse itself be encrypted ,but that's tnot the point. i'll encrypt the bootsector, and a few strategic places in the filesystem,so that when the system boots, instead of finding init directly, the kernel supplies the password and decrypts the boot sector and the file system, then finds init and boots. if any one pops a floppy and tyies to boot, without the password from teh kernel, the fs cant be mounted at all. so far it's been my fantaasy.. is it implementable? cheers cheedu
What about crypto filesystem?
Nice idea.. it set me thinkin, i want to have a public key/private key type or just simple encryption. when i compile the kernel, i add a password function that decrypts the file system when finding init. the password must ofcourse itself be encrypted ,but that's tnot the point. i'll encrypt the bootsector, and a few strategic places in the filesystem,so that when the system boots, instead of finding init directly, the kernel supplies the password and decrypts the boot sector and the file system, then finds init and boots. if any one pops a floppy and tyies to boot, without the password from teh kernel, the fs cant be mounted at all. so far it's been my fantaasy.. is it implementable?
Chapter 10 - Encrypting files and drives in Linux, BSD, and other Unices http://www.securityportal.com/research/cryptodocs/basic-book/chapter-10.html The LSKB also covers various options. Not to toot my own horn or anything but most of the questions asked here are answered in stuff I've written that is available on Securityportal.
cheers cheedu
Kurt Seifried SecurityPortal, your focal point for security on the net http://www.securityportal.com/
On Tue, 26 Sep 2000, Kurt Seifried wrote:
Not to toot my own horn or anything but most of the questions asked here are answered in stuff I've written that is available on Securityportal.
We thank you, and we do go and read what you have written. Kind regards, S.T.Ryder mailto:stryder@facestech.com +-------------------------------+-------------------------------------+
I think this would be a good question to post to linux-kernel@vger.kernel.org quite a number of kernel developers sre on it including Linus. On Tue, 26 Sep 2000, Sridhar wrote:
hi
On Tue, 26 Sep 2000, [iso-8859-1] J�rgen Dollinger wrote:
What about crypto filesystem?
Nice idea.. it set me thinkin, i want to have a public key/private key type or just simple encryption. when i compile the kernel, i add a password function that decrypts the file system when finding init. the password must ofcourse itself be encrypted ,but that's tnot the point. i'll encrypt the bootsector, and a few strategic places in the filesystem,so that when the system boots, instead of finding init directly, the kernel supplies the password and decrypts the boot sector and the file system, then finds init and boots. if any one pops a floppy and tyies to boot, without the password from teh kernel, the fs cant be mounted at all. so far it's been my fantaasy.. is it implementable?
cheers cheedu
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (7)
-
Andreas Rittershofer -
Juergen Ellinger -
Jürgen Dollinger -
Kurt Seifried -
S.T.Ryder -
semat -
Sridhar