| sean finney on 15 Sep 2005 17:46:37 -0000 |
|
hi, On Thu, Sep 15, 2005 at 12:03:56PM -0400, LeRoy Cressy wrote: > > For future reference, you might have been able to boot into single user > > mode and get in without a password. > booting into single user mode should ask you for the root password. booting into runlevel 1 usually does, but that doesn't mean you can't boot to a root prompt anyway. > If you are forced to log in without a password you need a boot disk with > chroot on it. Knoppix and Tom's root/boot disk are handy beside the > installation CD for your distribution if it has the ability to access a > shell terminal. not necessary unless you've locked your bootloader too. just boot with the kernel cmdline option init=/bin/sh. On Thu, Sep 15, 2005 at 01:34:51PM -0400, gyoza@comcast.net wrote: > I know for a fact that Ubuntu will not ask for a password when going > into runlevel 1. I did it last night as a test. Maybe it's because the > root account is disabled. It's not good for security, that's fer sure. i disagree. if the user can change the boot cmdline to "linux single", they can change it to "linux init=/bin/sh", and you lose anyway. the real solution (not considering physical security issues) is to lock the bootloader, or at least password-protect it. sean Attachment:
signature.asc ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|