On 11/4/07, Paul [EMAIL PROTECTED] wrote:
try init=/bin/bash, now do you think Linux is insecure because it has an
init parameter?
My point was not about the parameter itself. My point was about the
ability to edit the kernel parameters while booting.
IIRC lilo won't allow you that.
Op zondag 04-11-2007 om 11:20 uur [tijdzone +0800], schreef Nicolas
Deschildre:
hi!
I was wondering about the rationale of allowing anyone to easily boot
root (by adding the 'single' parameter to the kernel command line with
grub).
While I can understand it on a server, which must be physically
protected to be really secure, IMO it is pretty bad on workstations.
I know that with some knowledge and perseverance, one can anyway get
root access (Live CD, or if BIOS locked or no CD drive, open the box,
take the drive), but here, with the 'single' parameter, it is an easy
and discrete open door *out of the box*. IMO this is pretty bad
security.
Nicolas
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss