Shaun Cloherty wrote:
> Storing a password in clear text in /etc/lilo.conf seems like the worst
> possible solution. Even if I 'chmod 0600 /etc/lilo.conf' I have complete
> faith in the ability of a determined undergraduate student, with copious
> amounts of spare time, to find a way to subvert the file permissions. Hence
> gaining the 'boot time' password, booting in single user mode and wreaking
> havoc on the world at large.
You would need to be root to change the permissions on /etc/lilo.conf,
and if you've got root then there's no need to alter lilo.conf at all.
You can wreak all the havoc you want. You can also enter single user
mode just by typing 'init 1'.
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
