[techtalk] Re: techtalk digest, Vol 1 #445 - 11 msgs

Angela Nash Chick at the-nashes.net
Fri May 11 22:53:51 EST 2001 

This is extremely well documented.  I know it's in the Linux book we wrote.
:)  Again, if you want to remove it just edit the inittab.  I'm not sure
where you looked for this info, but any Linux recovery information will talk
about the single and emergency runlevel options.  I know other UNIX systems,
such as Solaris/SunOS, offer similar recovery run levels.  To be fair, this
wasn't a big deal since most UNIX machines were in locked data centers.
But, now that people are putting it on their desktops they may want to lock
it down.  

So edit the inittab or put a password on LILO in the /etc/lilo.conf.

Jason

-----Original Message-----
From: Linda MacPhee-Cobb [mailto:prettyphysicslady at hotmail.com]
Sent: Friday, May 11, 2001 10:47 PM
To: techtalk at linuxchix.org
Subject: [techtalk] Re: techtalk digest, Vol 1 #445 - 11 msgs



But again, if it is a 'recovery thing' where is the documentation?  Why 
wasn't it clearly in the manual?

Why bother having passwords if anybody can get around them?  Don't you think

that by putting encrypted passwords on a computer one would be led to 
believe that a password was needed to gain entry?  Especially since linux 
makes such a big deal about how secure it is.

Yes you can pull out the hard drive and stick it in another machine.  You 
can take a crow bar to my back door and get in my house as well.

But if all your neighbors had a pass key to your house when you bought it 
and you were not told about it wouldn't you feel a bit violated?

That is how this is... a hidden way in, and it leads one to wonder what else

is hidden and why.

Linda


>From: Angela Nash <Chick at the-nashes.net>
>To: 'Linda MacPhee-Cobb' <prettyphysicslady at hotmail.com>, 
>techtalk at linuxchix.org
>Subject: RE: [techtalk] Re: techtalk digest, Vol 1 #447 - 11 msgs
>Date: Fri, 11 May 2001 22:32:10 -0400
>MIME-Version: 1.0
>Received: from [216.254.90.131] by hotmail.com (3.2) with ESMTP id 
>MHotMailBCC5EBAC00CA4004319ED8FE5A830CAF0; Fri May 11 19:32:13 2001
>Received: by NASH-PDC.the-nashes.net with Internet Mail Service 
>(5.5.2650.21)id <21X1KTYS>; Fri, 11 May 2001 22:32:11 -0400
>From jason at the-nashes.net Fri May 11 19:33:15 2001
>Message-ID: 
><15DF588D2F47C046975BA9CC56A55055086274 at NASH-PDC.the-nashes.net>
>X-Mailer: Internet Mail Service (5.5.2650.21)
>
>This isn't a LILO thing.  This is an "init" thing.  When you type "linux 1"
>or "linux s" at the LILO prompt it is passing the 1 or s parameter to the
>kernel, which hands it to the init process.  The init process then finds
>this runlevel in the /etc/inittab and executes the processes.  This is how
>the other runlevels operate too.  So if you want to remove it you need to
>edit the /etc/inittab file.
>
>This isn't a backdoor.  It's a recovery procedure.  Almost every UNIX type
>system has the same thing.  Physical security is every bit as important as
>passwords and file permissions.  You can either remove this runlevel from
>the inittab file, or just add a password to the LILO prompt.  But, if I 
>have
>a bootdisk I can get by both unless you encrypt the filesystem.
>
>Jason
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com


_______________________________________________
techtalk mailing list
techtalk at linuxchix.org
http://www.linux.org.uk/mailman/listinfo/techtalk

More information about the Techtalk mailing list