On Fri, 2003-09-19 at 12:18, Dustin Puryear wrote:
> You can't really protect against this. No matter what you do a user can
> specify /bin/sh as the init process. You can still specify sulogin in
> inittab, but that won't help against:
>
> lilo> linux ... init=/bin/sh
actually, there is a lilo option called 'restricted' that will prevent
the user from passing extra options to the kernel. grub can also be
locked down in a similar way by using the 'password' option.
here's a piece of my grub.conf:
-------------------------------
password --md5 $1$CRo7.0$E2/aaaaaaa/bbbbbbbiAX.
title Linux
root (hd0,2)
kernel /vmlinuz-2.4.20-20.9 ro root=LABEL=/ hdc=ide-scsi
initrd /initrd-2.4.20-20.9.img
--------------------------------
to generate the password line, you can use 'grub-md5-crypt'. basically,
unless an item has the 'lock' option specified, it can be booted without
a password, but you cannot edit the boot options or go to the command
prompt without a password.
here's a piece of a lilo.conf:
--------------------------------
image=/boot/vmlinuz
label=linux
initrd=/boot/initrd.img
read-only
root=/dev/hda6
restricted
password="abc123"
--------------------------------
the restricted means that no extra options are allowed without a
password. if you type 'linux' at the lilo prompt, you can boot, but if
you type 'linux init=/bin/sh', you will be prompted for a password
-- Matt Eastman
