Bug 8390 - root gained without password
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: SysVinit
Version: 6.1
Hardware: i386 Linux
Priority: medium Severity: medium
Assigned To: Bill Nottingham
Keywords: Security
Reported: 2000-01-11 20:16 EST by Steve Willoughby
Modified: 2014-03-16 22:12 EDT (History)
CC: 2 users

Doc Type: Bug Fix
Last Closed: 2000-01-13 11:20:35 EST
Description Steve Willoughby 2000-01-11 20:16:04 EST
In many other distributions, when the system is started in single user
state or dropped to single user because of file system problems requiring
manual correction, the user is presented with a login to provide the root
password before gaining root access to the system.  While root access can
be gained via recovery diskettes, a problem exists in the SysV scripts for
initstate 1 in that if linux is started from the LILO prompt thus:
LILO: linux 1
the system will boot into single user state with a root shell prompt and no
need for any other tools!
Comment 1 Bill Nottingham 2000-01-13 11:20:59 EST
You can do the same thing with 'linux init=/bin/bash'.
Without restricting lilo (look at the password options),
restricting 'linux single' is somewhat pointless.
Comment 2 Riley H Williams 2000-01-18 09:00:59 EST
I have to admit that's one thing I would like to see changed, preferably so it
works along the lines of the following logic:

 1. At the moment, the "password=" line specifies the password to use. I
    would prefer to see this replaced with a "user=" line specifying the
    user whose password is to be used.

 2. When `lilo` is run and sees a "user=" line, it asks the user running
    it for a password and validates it against the login password of the
    specified user, aborting if they don't match.

 3. If the password matches, lilo stores an encrypted version thereof in
    the relevant boot sector as part of its duties, and it is this that
    is used during system boot if a password is required.

Apart from anything else, this would remove a security risk from Linux.
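Comment 1 names LILO's password options as the control that actually matters here, and the description contrasts Red Hat's behaviour with distributions that ask for the root password in single user mode. The shell script below is an added example, not part of this bug report and not Red Hat's, SysVinit's or LILO's own code. It audits a lilo.conf for a password= line (noting whether the optional restricted keyword limits the prompt to boots that pass extra parameters such as "1", "single" or "init=/bin/bash") and for file permissions that keep the clear-text password private, and audits an /etc/inittab for a sulogin entry in runlevel S, which is the classic SysVinit way to demand the root password before handing out a single-user shell. The two sample lilo.conf files are constructed for the example, the password value is a placeholder, and the inittab line format is assumed to be the sysvinit style.

```shell
#!/bin/sh
# Added example (not from the bug report): audit the two mitigations that
# keep "LILO: linux 1" from landing in an unauthenticated root shell.
#   1. lilo.conf: a password= line (comment 1's "password options").
#   2. inittab: a sulogin entry for runlevel S (assumed sysvinit style).
# Usage: sh audit.sh /etc/lilo.conf /etc/inittab

# Constructed sample: the situation the bug describes, no password at all.
WEAK_LILO_CONF='boot=/dev/hda
prompt
timeout=50
image=/boot/vmlinuz
    label=linux
    root=/dev/hda1
    read-only'

# Constructed sample: "restricted" makes LILO ask only when extra boot
# parameters are given; the password value is a placeholder. Because it
# is stored in clear text, the file itself must be mode 0600.
HARDENED_LILO_CONF='boot=/dev/hda
prompt
timeout=50
restricted
password=CHANGE-ME-placeholder
image=/boot/vmlinuz
    label=linux
    root=/dev/hda1
    read-only'

# Returns 0 when the file sets password= (globally or per image) and is
# not readable by group or others; prints one line per finding.
audit_lilo_conf() {
    conf=$1
    rc=0
    if grep -q '^[[:space:]]*password=' "$conf"; then
        echo "ok: $conf sets password="
        if grep -q '^[[:space:]]*restricted' "$conf"; then
            echo "info: restricted set, prompt only for boots with extra parameters"
        else
            echo "info: restricted not set, prompt for every boot of the image"
        fi
    else
        echo "FAIL: $conf has no password=, 'linux 1' boots to a root shell unchallenged"
        rc=1
    fi
    # ls -ld prints e.g. "-rw------- ..."; chars 5-10 are the group/other bits
    perm=$(ls -ld "$conf" | cut -c5-10)
    if [ "$perm" = "------" ]; then
        echo "ok: $conf is not readable by group or others"
    else
        echo "FAIL: $conf is readable by group or others (mode bits $perm)"
        rc=1
    fi
    return $rc
}

# Returns 0 when an uncommented inittab entry for runlevel S runs sulogin.
audit_inittab() {
    tab=$1
    if grep -q '^[^#]*:S:[^:]*:.*sulogin' "$tab"; then
        echo "ok: $tab demands the root password in single-user mode"
        return 0
    fi
    echo "FAIL: $tab has no sulogin entry for runlevel S"
    return 1
}

# Run both audits when invoked with the two file paths.
if [ $# -eq 2 ]; then
    audit_lilo_conf "$1"
    audit_inittab "$2"
fi
```

Run it against the live files with `sh audit.sh /etc/lilo.conf /etc/inittab`; a non-zero exit from either function is a finding. Note that password= without restricted is the stricter of the two settings, so the script only reports restricted as information, not as a failure.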
