24 Apr
2002
24 Apr
'02
19:09
On Wed, Apr 24, 2002 at 11:47:59AM +0200, Andreas Baetz wrote:
On Wednesday 24 April 2002 11:28, Thomas Futschek wrote:
Hi list!
Recently I saw if you boot a kernel with a boot option like 'init=/bin/bash' (to example: linux init=/bin/bash) you become root without athentification.
Can anybody tell me why it works and how I protect?
You tell the kernel to execute /bin/bash as the first program after boot. You could protect from this by adding "password=xxx" to your /etc/lilo.conf. (Only useful if normal users cannot read this file)
Put in the password, run lilo, take out the password. Theo -- Theo v. Werkhoven ICBM 52 8 24N , 4 32 40E. S.u.S.E 7.3 x86 Kernel 2.4.16-4GB