Re: Single user mode changing root passwd ?

From: Allan M. Stewart (astewart@xinetix.com)
Date: 03/11/02 

From: "Allan M. Stewart" <astewart@xinetix.com>
To: security-discuss@linuxsecurity.com, "Dmitry Horoshih" <horoshih@infosec.ru>
Date: Mon, 11 Mar 2002 09:56:40 -0500

Thanks Dmitry,

   I think that's exactly what I was looking for. I do want other users of
the system to be able to reboot. There are only a couple of other people
using the system, but it is a multi-boot system with win98, FreeBSD, RedHat,
and other (maybe) Linux systems available.

   I use V-Com's System Commander to offer boot choices. This has password
protection for accessing each OS boot, but didn't protect me from the single
user changing passwd.

I still think this is not good default behavior. How many people have the
"restricted" option in their lilo.conf ? I'd wager not the majority. I think
passwd prog should ask for the old password before letting you set the new
one like it does for normal users.

Allan

   

On Monday 11 March 2002 01:58, Dmitry Horoshih wrote:
> And if you don't wont to enter password every time you boot computer, =
> you can=20
> put 'restricted' option into lilo.conf. In that case password will be =
> required=20
> only for boot with parameters.
>
> -----Original Message-----
> From: David Correa [mailto:tech@linux-tech.com]
> Sent: Thursday, March 07, 2002 10:59 PM
> To: security-discuss@linuxsecurity.com
> Subject: Re: Single user mode changing root passwd ?
>
> If you read "man lilo.conf" you will see that you can put a passwd
> to limit access globally (all images) or per image.
>
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.