I have a dual boot system Linux + NT, thus the system is using the NTLDR. This is giving me a lot of trouble in terms of security. There are three problems:

1. I boot into Linux using single user mode and you can change the root password. I have resolved this now by adding the following line to the /etc/inittab file:

    ~~:S:wait:/sbin/sulogin

2. A user can specify an alternate init program; as an example, try typing this in:

    linux init=/bin/bash

This will get me into the root shell immediately, which is a very serious problem. In fact, even adding the lines below to /etc/lilo.conf will not help, due to the fact that this is a dual boot machine. However, it works fine on a regular Linux RedHat system.

    restricted
    password=thisisthepassword

Also, the lilo.conf is readable/writable by root only!

3. Specifying an alternate root partition can also be problematic, but can be worked around by restricting certain files only to root and read access to the rest of the users. However, a system with a separate filesystem with /tmp *filesystem* could still be vulnerable.

My greatest problem is how to eliminate number "2". Is there anyone who has seen this before and can provide me with a solution? The alternative would be a boot loader that would prompt a user for a password if there is any typing done, if the tab is not used to select an option. Does anyone know of such a boot loader, and where to find it? Here is my Lilo.conf in the hope that it will help in the solution.

"Lilo.conf"

    boot=/dev/hda5
    delay=50
    map=/boot/map
    install=/boot/boot.b
    prompt
    timeout=40
    image=/boot/vmlinuz-2.
        label=linux
        root=/dev/hda5
        read-only
        password=1231a11a
        restricted
*** Bug 10370 has been marked as a duplicate of this bug. ***
This works fine for me: if I add 'restricted', and some password, I can still choose a different boot choice, but any arguments to a linux boot still ask for the password.
Yes, it works fine only when you are running Linux; however, have you tried this with a dual boot computer? Thus (NT + Linux), and then try specifying the command above? If it works for you with this type of environment, please specify exactly what you have done to resolve this issue, since I tried this on 7 different computers now, and it doesn't work for us.
Have you attempted to test this when both LINUX and NT are installed? This is what I explicitly pointed out as being the key in this BUG. Please read the post again if you don't understand it. If you need further clarification, e-mail me and I will be glad to make it even more crystal clear.
*** Bug 10822 has been marked as a duplicate of this bug. ***
*** Bug 10921 has been marked as a duplicate of this bug. ***
With a response time of 2 months, it's no wonder Linux has so many bugs.
No answer yet, great. I expected a late response, but no response means you don't have a clue how to solve the issue. Oh well.
The only way that I have found to work correctly with NT is this:

    fdisk drive
    install NT on partitions set aside for it
    Install linux on whatever partitions set aside for it
    Install lilo on first sector of linux partition
    use fdisk to mark the linux partition as the 'bootable' one.

This uses NT's default MBR code to load the BR from the linux partition, which contains LILO. LILO chains to the NT loader when booting NT, making NT happy. This should allow correct passwording of the LILO command line.
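
Added example, not part of the original report or of LILO itself: a small audit that parses lilo.conf text and reports, for each kernel entry, whether boot arguments such as init= are gated by the password and restricted options discussed in this thread, and whether the file mode lets non-root users read the password. The sample config, its paths, labels and password are constructed placeholders, and the function names are hypothetical.

```python
# Constructed sample config; paths, labels and the password are placeholders.
SAMPLE = """\
boot=/dev/hda5
image=/boot/vmlinuz-example
    label=linux
    password=CHANGEME
    restricted
image=/boot/vmlinuz-rescue
    label=rescue
other=/dev/hda1
    label=nt
"""

def parse_lilo(text):
    """Split lilo.conf text into global options and per-entry sections."""
    glob, sections = {}, []
    cur = glob
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        key, _, val = line.partition("=")
        key = key.strip().lower()
        if key in ("image", "other"):         # a new boot entry starts here
            cur = {}
            sections.append((key, val.strip(), cur))
        else:
            cur[key] = val.strip() or True    # bare keywords such as restricted
    return glob, sections

def audit(text, mode=0o600):
    """Map each kernel entry's label to its command-line protection state."""
    glob, sections = parse_lilo(text)
    report = {}
    for kind, path, opts in sections:
        if kind != "image":                   # other= entries are chain-loaded
            continue
        eff = {**glob, **opts}                # per-entry options override global
        if "password" not in eff:
            state = "unprotected"             # init=... accepted with no prompt
        elif "restricted" in eff:
            state = "password-on-arguments"
        else:
            state = "password-always"
        report[eff.get("label", path)] = state
    if mode & 0o077:                          # any group/other permission bit
        report["lilo.conf"] = "accessible-by-non-root"
    return report

print(audit(SAMPLE))
```

LILO reads lilo.conf only when /sbin/lilo is run, so a clean result describes the installed boot sector only after the map has been reinstalled.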