On Wednesday 24 April 2002 05:28 am, Thomas Futschek wrote:
Recently I saw if you boot a kernel with a boot option like 'init=/bin/bash' (to example: linux init=/bin/bash) you become root without athentification.
Can anybody tell me why it works and how I protect?
Others have quite adequately explained the LILO aspects of this, but I would add one comment: Physical security is an important aspect of any system, and you need to protect access to the physical console. Even a BIOS password can be circumvented, by using the jumper on (many) motherboards that allows the BIOS to be totally flushed and reset through temporarily removing its battery power. If your system is important, the physical console needs to be under lock and key. That's true of all systems, not just Linux. Scott -- -----------------------+------------------------------------------------------ Scott Courtney | "I don't mind Microsoft making money. I mind them courtney@4th.com | having a bad operating system." -- Linus Torvalds http://www.4th.com/ | ("The Rebel Code," NY Times, 21 February 1999)