* Michael Stone said: > > 1) specify the shell to invoke at the LILO prompt and I bet that most users > > and majority of admins doesn't care to take a look at the LILO doc or > > sulogin(8) manpage > > 2) changing the boot scripts to set SUSHELL to shash > > 3) change sulogin to use the toor account in the single mode > > So you're currently trying to account for the situation where someone > can figure out how to recover from a terminally inconsistent > installation (from user error, dpkg error, etc.) but can't figure out > how to type "linux init=/bin/sash", add a new user, or boot from rescue > media? I just don't think this is a large enough segment of the user > base (1? 2?) to justify the changes, even if they are simple. Adding a Well, IMHO, any change which is simple enough to make and adds another level of security or removes another (no matter how remote) threat is worth applying. This change won't affect performance, nor weaken security as you imply below. > new root user opens a whole new security issue (does everyone know to > take special precautions for the toor account like changing the password > frequently, making sure toor can't ftp in, etc.?) And no static package Well, take a look at the 2) above. It doesn't add any user, it merely changes one startup script and adds one package to the set of base ones. > can possibly provide the level of protection you'd get from booting off > floppy or cd, so you ought to have one or the other around anyway... I do, but I bet that 50% of home linux users doesn't... greetings marek
Attachment:
pgpOVliLrOkYy.pgp
Description: PGP signature