From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003 Description of problem: A few days ago... 3 or 4, i've found out that when i start my system on single user mode, by passing the command "linux telinit 1" on lilo boot prompt, the system, after the boot sequence, goes directly to the bash command line without no required authentication of any user first.That way i gain full access to the system, with full root privileges.I think it is a severe security breach, because any user with malevolous intentions can gain full access to the system and become it's owner. I'm using Redhat 8.0 on an Intel celeron 266 Mhz (covington processor) with lilo as a bootloader for a dualboot system. I'm registered at RNH and my system is up to date! Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.i do ctrl+x at lilo boot screen to get to the lilo command line 2.then i type: lilo: linux telinit 1 Actual Results: 3.After the boot process the system goes directly to the bash command line with root previleges!!! Expected Results: i would expect the system to go to the login screen and wait for a user to authenticate and log into the system after that Additional info: I've posted this bug to this componnent but i think it is a systemwide security bug, as i could not find any related componnent more apropriate
You forgot to set a LILO password.