LILO Security Tips!
Posted on: 12/13/2000 05:41 PM

Well, I'm glad someone finally wrote this one up. Linux 4Biz has written up a handy little guide to bring to light some of the security implications of running LILO. I've been saying this for a long time among my Linux-using friends: it's ridiculously easy to enter runlevel 1 (single user mode -- [image name] -v 1 or [image name] single) via the LILO prompt and gain root access to a box locally.
By applying the several techniques above you can minimize the risk of passing LILO arguments at boot time, and prevent the most damaging one argument "image-name single" which boots Linux into single user mode without asking for any password.
I generally just add a password to lilo.conf and change the permissions on the file (660). They take it one step further using the chattr command. Check their article out.
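
As an added example (not from this post or the Linux 4Biz article), the shell function below audits a lilo.conf for the steps mentioned above: a password= line, no access for other users, and the chattr immutable flag. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a lilo.conf for the hardening steps described above.

audit_lilo_conf() {
    conf=$1; findings=0
    [ -r "$conf" ] || { echo "cannot read $conf"; return 2; }

    # password= makes LILO ask before booting; with "restricted" it asks only
    # when arguments such as "single" are typed at the prompt.
    if grep -Eq '^[[:space:]]*password[[:space:]]*=' "$conf"; then
        if grep -Eq '^[[:space:]]*restricted([[:space:]]|$)' "$conf"; then
            echo "OK   password set (restricted: asked only when arguments are given)"
        else
            echo "OK   password set (asked on every boot)"
        fi
    else
        echo "FAIL no password= line: 'image-name single' gives root with no password"
        findings=$((findings + 1))
    fi

    # The password sits in the file in clear text, so "other" needs no access.
    other=$(ls -ld "$conf" | cut -c8-10)
    if [ "$other" = "---" ]; then
        echo "OK   no access for other users"
    else
        echo "FAIL other users have '$other' access to $conf"
        findings=$((findings + 1))
    fi

    # Informational: chattr +i shows up as an 'i' in the lsattr flag field.
    lsattr -d "$conf" 2>/dev/null | cut -d' ' -f1 | grep -q i && echo "INFO immutable flag set"
    [ "$findings" -eq 0 ]
}

# Constructed sample files (not from a real system) so the audit runs offline.
make_samples() {
    dir=$1
    printf 'boot=/dev/hda\nprompt\ntimeout=50\nimage=/boot/vmlinuz\n\tlabel=linux\n' > "$dir/weak.conf"
    chmod 644 "$dir/weak.conf"
    printf 'boot=/dev/hda\nprompt\ntimeout=50\npassword=CHANGE-ME\nrestricted\nimage=/boot/vmlinuz\n\tlabel=linux\n' > "$dir/hardened.conf"
    chmod 660 "$dir/hardened.conf"
}

demo=$(mktemp -d)
make_samples "$demo"
for f in weak hardened; do
    audit_lilo_conf "$demo/$f.conf" || echo "=> $f.conf needs hardening"
done
rm -rf "$demo"
```

After editing the real /etc/lilo.conf, /sbin/lilo has to be re-run for the change to take effect, and an immutable flag set with chattr +i has to be cleared with chattr -i before the file can be edited again.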





Printed from 2CPU.com (http://www.2cpu.com/contentteller.php?ct=news&action=story&page=lilo_security_tips.html)