LFS-Bootscripts 2.2.0-pre1 released
msbREMOVE-THIS at winterdrache.de
Sun Jul 11 04:22:20 PDT 2004
On Sun, 11 Jul 2004 04:39:01 -0600 Archaic <archaic at linuxfromscratch.org>
> On Sat, Jul 10, 2004 at 09:07:30PM -0700, jeremy at jutley.org wrote:
> > This, coming from someone as security minded as you?
> > I don't like my systems defaulting to single user mode - if the
> > password file is corrupt going into single-user mode, then it accepts
> > ANY password at all, and gives root access. IIRC, that's why this
> > functionality was originally removed from the bootscripts back in the
> > day.
> Hmmm. You've given me food for thought. I will ponder this problem today
> while at work and see what scenarios playout in my head. I don't think
> this is as simple as it might seem, especially when taking into account
> remote systems...
How would single-user mode help on remote systems? Single-user mode is not
supposed to run daemons such as sshd (that would defeat the whole purpose
of SINGLE user mode), and in fact if there is a problem so severe that the
bootscripts fail unexpectedly, it is doubtful whether starting such
services would be useful at all.
But all of this is way beyond basic LFS. LFS is not meant to produce a
system that is ready for highly specialized tasks such as remote
administration in the case of serious failures.
Digitize if possible - Eradicate if necessary!
More information about the lfs-dev