#include <hallo.h> Javier Fernández-Sanguino Peña wrote on Tue Apr 30, 2002 um 03:50:27PM: > Culd someone explain why is there a root shell prompt for the > Linux kernel: > > "Press ENTER to obtain a shell" (waits 5 seconds)
This is a default for the initrd's linuxrc. You installed one of our
official 2.4.x kernels.
> This seems something related to the cramfs filesystem (ramdisk)
> but I'm not knowledgeable about it. I would like:
>
> 1.- an explanation on why this is shipped by default (to add it to the
> "Securing Debian Manual"
Sense? This prompt is good for loading some modules when the
autodetection fails, so it is only used in seldom cases.
> 2.- someone to step up an explain how to disable this behavior
>
> IMHO the boot-floppies kernel should not ship with this option enabled
We do not.
> (whatever this is for). I was quite surprised when I saw this but a user
> has just mailed me asking for an answer on why does Debian woody ships
Dito. Show me a system with such "problem" after a fresh installation.
> Javi
> ("Securing Debian Manual" editor/author FYI)
Security, soso. Well, since this rescue environment has an executable
shell with root permissions, it _may_ be a security hole, since you can
damage partitions easily, for example. To disable this shell, edit
/etc/mkinitrd/mkinitrd.conf and set DELAY=0. Then recreate the initrd
image (dpkg-reconfigure kernel-image-2.4.x-yz).
Gruss/Regards,
Eduard.
--
We are the OE of Borg. You will be quoted awfully. Sigtrenner is futile.
msg06552/pgp00000.pgp
Description: PGP signature
