Security Basics mailing list archives

Re: Is there a kernel patch to stop single user mode?

From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Sat, 20 Sep 2003 03:32:41 +0200

On 2003-09-19 John Hebert wrote:

Is there a way to stop someone with physical access to the box from
booting into single user mode and changing the root password? I'm not
interested in solutions that require setting a boot or poweron
password in the BIOS. I'd like something that could be done in the
Linux kernel, so as to apply to multiple platforms.


AFAIK you don't need a kernel patch for that. Just edit your inittab, so
init calls whatever you like it to call instead.

Anyway, I do not recommend this, since single-user-mode is a valuable
measure for troubleshooting a machine. If you want to secure a box I
suggest you rather lock it away.

Regards
Ansgar Wiechers

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Is there a kernel patch to stop single user mode? John Hebert (Sep 19)
- Re: Is there a kernel patch to stop single user mode? Chris Ess (Sep 19)
- RE: Is there a kernel patch to stop single user mode? David Gillett (Sep 19)
- Re: Is there a kernel patch to stop single user mode? Matt Howard (Sep 19)
- Re: Is there a kernel patch to stop single user mode? Carlos Eduardo Pinheiro (Sep 19)
  - Re: Is there a kernel patch to stop single user mode? Mike MacNeill (Sep 19)
- Re: Is there a kernel patch to stop single user mode? Ansgar -59cobalt- Wiechers (Sep 22)
- <Possible follow-ups>
- RE: Is there a kernel patch to stop single user mode? Tiago de Oliveira Quadra (Sep 24)
  - RE: Is there a kernel patch to stop single user mode? Ranjeet Shetye (Sep 24)
    - RE: Is there a kernel patch to stop single user mode? Per Krogh Nielsen (Sep 24)