[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Down goes Linux Security!

To: linux-delhi@xxxxxxxxxxxxxxxxxxxxx
Subject: Down goes Linux Security!
From: metalmaniac@xxxxxxxxxxxx
Date: 5 Oct 2000 02:39:43 -0700

Hey guys,
I may have found a security hole!!
Yesterday I was going through the BootPrompt HOWTO.
I have LILO installed for booting into Linux or Win95.
Just pass the option "init=/bin/sh" to the kernel, and presto! after the boot is complete you are dropped into the shell with *root* priveleges.
One thing though the root file system is mounted read-only. but no problem, just issue the command : mount -o remount,rw /dev/hda2 and hey! you just have total control over the file system as root.
What the hell is this! anyone can also boot from a floppy and mount the hard drive and create havoc!!!
is there a way out?
I have given my brother & myself simple user accounts.
only I know the root password, so he can't sneak into my home dir and see my personal files. but this way he may even change/delete them.
and I thought Linux was the most secure system around!!
any answers?
Saurabh nanda
 


______________________________________________________
123India.com - India's Premier Portal 
Get your Free Email Account at http://www.123india.com

Follow-Ups:
- Down goes Linux Security!
  - From: Raju Mathur

Prev by Subject: Re: Do you pine for the nice days
Next by Subject: Re: Down goes Linux Security!
Previous by thread: Re: RedHat 7 CD
Next by thread: Down goes Linux Security!
Index(es):
- Subject
- Thread