In many other distributions, when the system is started in single user state or dropped to single user because of file system problems requiring manual correction, the user is presented with login to provide the root password before gaining root access to the system. While root access can be gained via recovery diskettes, a problem exists in the SysV scripts for initstate 1 in that if linux is started from the LILO prompt thus: LILO: linux 1 the system will boot into single user state with root shell prompt and no need for any other tools!
You can do the same thing with 'linux init=/bin/bash'. Without restricting lilo (look at the password options), restricting 'linux single' is somewhat pointless.
I have to admit that's one thing I would like to see changed, preferably so it works along the lines of the following logic: 1. At the moment, the "password=" line specifies the password to use. I would prefer to see this replaced with a "user=" line specifying the user whose password is to be used. 2. When `lilo` is run and sees a "user=" line, it asks the user running it for a password and validates it against the login password of the specified user, aborting if they don't match. 3. If the password matches, lilo stores an encrypted version thereof in the relevant boot sector as part of its duties, and it is this that is used during system boot if a password is required. Apart from anything else, this would remove a security risk from Linux.