SELinux Reset
Peter Joseph
peterjb at mtaonline.net
Mon Aug 10 20:45:48 UTC 2009
Stephen Smalley wrote:
>
> I think that just caused it to boot to runlevel 1, i.e. single-user
> mode. AFAIK, the kernel command line isn't used for booleans at all,
> but an integer argument will be taken as the runlevel by init.
>
> --
> Stephen Smalley
> National Security Agency
>
> You are absolutely right - thanks for bringing this to my attention (as I
> said before, I am quite new to Linux).
> This does, however, bring up a security question. It seems to me that by
> editing the end of the kernel line at grub prompt to contain "1" can
> compromise the system by turning over the entire control. As long as
> someone has access to an idle machine, local or remote, there is no way it
> can be protected (perhaps by using the boot-loader password - will have to
> try that).
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
--
View this message in context: http://www.nabble.com/SELinux-Reset-tp24855587p24907209.html
Sent from the Fedora SELinux List mailing list archive at Nabble.com.
More information about the fedora-selinux-list
mailing list