On Mon, 05 Jul 1999, you wrote:
-Hi,
-
-Recently my system failed to boot (I had added something to rc.local,
-that didn't belong there). On irc I was told that I could still boot if
-I gave linux single at the LILO boot. This worked, but to my surprise
-I never had to enter a login or a password. Even then, I was allowed
-to change rc.local back to what it was.
-
-Is this normal? I thought Linux was supposed to be so secure.
This is normal. It is possible to add a password requirement in
single user mode but, since single user requires console access, it
would be pretty useless. In my experience, the most common use for
single user is to reset a root password so the lack of a password is a
compromise. In any case, no system is secure if the console can be
accessed. Period. Anyone who knows enough to boot to single would
probably know enough to make a set of boot disks and completely bypass
your boot files anyway.
Linux is secure but it is not magic. Security is a never ending
Darwinian process and anyone who cannot get used to that fact of life
and better pull his netowrk cable now.
--
Stephen Carville
--
Good News! NT is now approaching 23x6 availability!
