By default on Red Hat Linux, a user can enter single-user mode simply by typing “linux single” at the GRUB boot-editing menu. Some believe that this is left in to ease support of users with lost root passwords.
In any case, it represents a clear security risk – authentication should always be required for root level access. It should be noted that it is extremely difficult to prevent compromise by any attacker who has knowledge, tools, and full physical access to a system. This kind of measure simply increases the difficulty of compromise by requiring more of each of these factors. These last two items have attempted to address concerns of physical/boot security.
To make these preparations more complete, one should consider setting the BIOS to boot only from the main hard disk and locking this setting with a BIOS password.
To require authentication for single-user mode, edit /etc/inittab and add the sulogin line shown below directly after the initdefault line.
id:3:initdefault:
~~:S:wait:/sbin/sulogin
With this entry in place, single-user mode can no longer be entered without authentication: sulogin prompts for the root password before starting a shell.
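To confirm the setting on a host, the following added example (not part of the original post) checks an inittab file for an active sulogin entry on runlevel S. The function name check_sulogin and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an inittab for the single-user sulogin entry.
# check_sulogin is a hypothetical helper name, not a system tool.

check_sulogin() {
    inittab="${1:-/etc/inittab}"
    if [ ! -r "$inittab" ]; then
        echo "FAIL: cannot read $inittab"
        return 1
    fi
    # inittab entries have four fields: id:runlevels:action:process
    if awk -F: '
        /^[ \t]*#/ { next }    # commented-out entries do not count
        NF < 4     { next }    # malformed or unrelated lines
        $2 ~ /[Ss]/ && $3 == "wait" && $4 ~ /^\/sbin\/sulogin([ \t]|$)/ {
            found = 1
        }
        END { exit found ? 0 : 1 }
    ' "$inittab"; then
        echo "PASS: $inittab requires sulogin for single-user mode"
        return 0
    fi
    echo "FAIL: $inittab has no active sulogin entry for runlevel S"
    return 1
}

# Constructed sample files (not taken from a real system).
demo_dir=$(mktemp -d)
printf '%s\n' 'id:3:initdefault:' '~~:S:wait:/sbin/sulogin' > "$demo_dir/hardened"
printf '%s\n' 'id:3:initdefault:' '#~~:S:wait:/sbin/sulogin' > "$demo_dir/commented"

check_sulogin "$demo_dir/hardened" || :
check_sulogin "$demo_dir/commented" || :
rm -rf "$demo_dir"
```

Run it as check_sulogin /etc/inittab on the system being audited; the return code is 0 only when an uncommented entry is present.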