True since someone holding down a few keys can stop it and present the boot prompt but at least the password protection will help keep those who don't know it from passing parameters to lilo besides that /etc/lilo.conf had better be readable only by root otherwise that option is useless. On Wed, 27 Sep 2000, Kurt Seifried wrote:
Oh that has been around for some time. How about editing lilo.conf to say password=password restricted this way you can not pass options to lilo unless you know the password. Also you can as well set the timeout to zero. Don't forget the restricted entry otherwise you machien won't boot without a password.
Alas the timeout option is meaningless, ideally setting timeout=0 would make lilo accept no user input and boot straight to the default OS. perhaps this is a feature request.
Kurt Seifried SecurityPortal, your focal point for security on the net http://www.securityportal.com/