Asking for root passwd when booting single user
Karl Kleinpaste
karl at cis.ohio-state.edu
Sat Dec 17 03:54:22 AEST 1988
dieter at titan.nmt.edu writes:
> How can I set the system to ask for the root passwd, when booting single
> user ?
% cat /.profile
PATH=/usr/local:/etc:/usr/etc:/usr/ucb:/usr/bin:/bin:.
export PATH TERM
trap exit 2 3 15
login root
There is a very small/short window of vulnerability, while sh is starting
up and evaluating the PATH= and export lines. It is very, *very* small
and hence in practice is no problem. But the hole is still there in this
example. Give a determined abuser a few hours and he may succeed.
We accomplish approximately the same thing with a program /bin/singleuser
which protects itself from all `reasonable' signals and then demands the
root password, with an N-minute timeout (don't remember N just now). It's
the 1st line in /.profile.
--Karl
More information about the Comp.sys.sun
mailing list