Re: require root passwd for single user mode login?

Subject: Re: require root passwd for single user mode login?
From: Josh Smith (irilyth@infersys.com)
Date: Tue Aug 29 2000 - 08:41:53 MDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Blottman John B III NPRI: "RE: File size limit exceeded"
• Previous message: Radar O'Reilly: "Re: require root passwd for single user mode login?"
• In reply to: Radar O'Reilly: "Re: require root passwd for single user mode login?"
• Next in thread: Kyle Wheeler: "Re: require root passwd for single user mode login?"
• Reply: Josh Smith: "Re: require root passwd for single user mode login?"

As others have pointed out, physical access lets you do pretty much whatever
you want to your average desktop system, regardless of whether there's a
single user password. Critical servers in a server room may be harder to
boot off of alternate media, but they're also harder for a casual attacker
to sit down in front of -- don't you keep your servers in a locked room with
an alarm system? The "let a buddy sit at my desk while I go out to lunch"
example shouldn't apply to critical servers...

Nevertheless, on my Red Hat systems, I do set a LILO password, because as
others have said, every little bit helps. Does yaboot really not let you do
this? I haven't tried yet, but was sort of guessing that its yaboot.conf
file, looking a lot like a lilo.conf file, would let you do some of the same
things along those lines.

Also, keep in mind that blanket statements like "no one should ever be able
to reboot without the root password" may not apply to all situations. One
trivial example is users who have desktop systems that a sysadmin group
runs, for which the user doesn't have the root password, but which they may
need to shut down (e.g. if they want to move their desk across the room).
Yes, you can use a tool like sudo to let users shut down their own system,
but for dozens (or hundreds, or thousands) of users, this becomes an
administrative nightmare, keeping the map of usernames to system names up to
date as people and machines come and go. Letting people reboot their own
desktop from the console is very convenient in those circumstances, and not
any less secure than the situation would be if they couldn't do it. But
that's just one circumstance, so I'm not about to say "everyone should
always be able to reboot without the root password", because that's
obviously not true either.

About the one group per user thing: Red Hat explains their rationale at

  http://www.redhat.com/support/manuals/RHL-6.2-Manual/ref-guide/s1-sysadmin-usr-grps.html#S2-SYSADMIN-PRIV-GROUPS

and I personally have found it to be a very useful technique. Some scaling
issues when you get into the tens of thousands of users, but none of the
systems I run are in that range, so it works well in the environment where I
run systems.

                                      -Josh (irilyth@infersys.com)

• Next message: Blottman John B III NPRI: "RE: File size limit exceeded"
• Previous message: Radar O'Reilly: "Re: require root passwd for single user mode login?"
• In reply to: Radar O'Reilly: "Re: require root passwd for single user mode login?"
• Next in thread: Kyle Wheeler: "Re: require root passwd for single user mode login?"
• Reply: Josh Smith: "Re: require root passwd for single user mode login?"

This archive was generated by hypermail 2a24 : Tue Aug 29 2000 - 08:47:40 MDT