Red Hat Bugzilla – Bug 10265
Specifying an init program poses security risk in Linux.
Last modified: 2008-05-01 11:37:55 EDT
I have a dual boot system Linux + NT, thus the system is using the NTLDR.
This is giving me a lot of trouble in terms of security.
There are three problems:
1. I boot into Linux using single user mode and you can change the root
password. I have resolved this
now by adding the following line to the /etc/inittab file
2. A user can specify an alternate init program, as an example
try typing this in linux init=/bin/bash
This will get me into the root shell immediately. Which is a very serious
problem. In fact even adding the lines to
/etc/lilo.conf will not help due to the fact that this is a dual boot
machine. However works fine on a regular Linux RedHat system.
Also the lilo.conf is readable/writable by root only !
3. Specifying an alternate root partition can also be problematic, but
can be worked around restricting certain files only to root and read access
to the rest of the users. However a system with a seperate
filesystem with /tmp *filesystem* could still be vulnerable.
My greates problem is how to eliminate number "2", is there anyone who has
seen this before and can provide me with a solution.
The alternative would be a boot loader that would prompt a user for a
password if there is any typing done, if the tab is not used to select an
option. Does anyone know of such a boot loader, and where to
find it ?
Here is my Lilo.conf in the hope that it will help in the solution.
*** Bug 10370 has been marked as a duplicate of this bug. ****** Bug 10370 has been marked as a duplicate of this bug. ***
This works fine for me: if I add 'restricted', and some password,
I can still chose a different boot choice, but any arguments
to a linux boot still ask for the password.
Yes it works fine only when you are running Linux, however have you tried this
with a dual boot computer ? Thus (NT + Linux) and then try specifying the
command above ?
If it works for you with this type of environment, please specify exactly what
you have done to resolve this issue since I tried this on 7 different computers
now, and it doesn't work for us.
Have you attempted to test this, when both LINUX and NT are installed ?
This is what I explicitly pointed out as being the key in this
BUG. Please read the post again if you don't understand it.
If you need further clerification e-mail me and I will be glad to
make it even more cristal clear.
*** Bug 10822 has been marked as a duplicate of this bug. ***
*** Bug 10921 has been marked as a duplicate of this bug. ***
With a response time of 2 month, it's no wonder Linux has so many bugs.
No anwer yet, great. I expected a late response, but no
response means you don't have a clue how to solve the issue. Oh well.
The only way that I have found to work correctly with NT is this:
install NT on paritions set aside for it
Install linux on whatever partitions set aside for it
Install lilo on first sector of linux parition
use fdisk to mark the linux partition as the 'bootable' one.
This uses NT's default MBR code to load the BR from the linux parition, which
contains LILO. LILO chains to the NT loader when booting NT, making NT happy.
This should allow correct passwording of the LILO command line.