can't go to single user mode
Robert P. J. Day
rpjday at crashcourse.ca
Sat Jan 12 12:26:22 UTC 2008
On Sat, 12 Jan 2008, Tim wrote:
> On Fri, 2008-01-11 at 16:42 -0500, Robert P. J. Day wrote:
> > but here's something i just noticed that strikes me as weird -- if you
> > have a grub password, you'll need to enter it to edit the boot line,
> > but you *don't* need it to simply make a non-default selection. i
> > *think* i've just verified that, but if someone else wants to confirm
> > it, feel free. that seems like a security hole.
>
> If you want password protected menu items, you must put password
> commands into those stanzas. Either a "lock" command so you enter
> the password previously set. Or a password command to have
> individual passwords for different menu items.
>
> I do that for some of them (e.g. I have "boot from floppy" menu
> options, and "begrudgingly boot ye olde Windows," that I protect
> against), but leave other things fine (e.g. memtest can be run,
> different kernels for this Linux can be run, and I have a halt entry
> to turn off the box without having to hang onto the power button -
> useful if you accidentally rebooted instead of shutdown).
yes, i noticed that upon further reading of the grub docs. for some
reason, i always thought you needed to enter the global grub password
if you tried to do *anything* out of the ordinary other than just let
the system boot with the default grub entry. i didn't realize that
you could still select a different grub entry without needing that
password.
learn something every day, as they say.
rday
--
========================================================================
Robert P. J. Day
Linux Consulting, Training and Annoying Kernel Pedantry
Waterloo, Ontario, CANADA
Home page: http://crashcourse.ca
Fedora Cookbook: http://crashcourse.ca/wiki/index.php/Fedora_Cookbook
========================================================================
More information about the fedora-list
mailing list