Em Ter, 2002-03-05 às 11:57, will trillich escreveu: > On Sun, Mar 03, 2002 at 09:40:48AM -0800, Xeno Campanoli wrote: > > In the Trinity OS security recommenation they say to disable the ability > > to run init interactively by setting > > > > prompt=no > >
This is the default in Debian (in lilo.conf) but it is not necessary, even if the guy in front of the computer types the usual: linux single :he will not get root access to your computer without knowing the passwd. (At least on testing with a 2.4.x kernel). If he wants access, he can always boot on a floppy or CD and do whatever he wants to. You will have to disable (in the BIOS) floppy/CD booting AND put a BIOS passwd or all this is for nothing. Michel. > > in a file called /etc/sysconfig/init, but that file doesn't exist on my > > Debian Potato, and I don't find one that has "prompt=" in it (well, > > there is one, but it's a binary called /etc/alternatives/pager, so I > > don't think that's it). Any ideas? TIA. > > # /etc/lilo.conf - See: `lilo(8)' and `lilo.conf(5)', > # --------------- `install-mbr(8)', `/usr/share/doc/lilo/', > # and `/usr/share/doc/mbr/'. > > [snip] > > # Specifies the number of deciseconds (0.1 seconds) LILO should > # wait before booting the first image. > # > delay=20 > > # You can put a customized boot message up if you like. If you use > # `prompt', and this computer may need to reboot unattended, you > # must specify a `timeout', or it will sit there forever waiting > # for a keypress. `single-key' goes with the `alias' lines in the > # `image' configurations below. eg: You can press `1' to boot > # `Linux', `2' to boot `LinuxWAS', if you uncomment the `alias'. > # > # message=/boot/bootmess.txt > # prompt > # single-key > # delay=100 > # timeout=100 > > image=/vmlinuz > label=Linux > read-only > # restricted > # alias=1 > > image=/vmlinuz.was > label=LinuxWAS > read-only > optional > # restricted > # alias=2 > > see "man lilo.conf" and when you mess with lilo.conf, be sure to > run "lilo" itself so your new settings will be written to the > boot sector for your next restart. > > i think. > > -- > I use Debian/GNU Linux version 2.2; > Linux server 2.2.17 #1 Sun Jun 25 09:24:41 EST 2000 i586 unknown > > DEBIAN NEWBIE TIP #44 from Will Trillich <[EMAIL PROTECTED]> > : > Ever think you're reading OUTDATED DOCUMENTATION? Check the > last-revised-date: if it's more than a few years ago, then > there's probably something more recent out there. It may > be under a whole different name, so it'll take perseverance > and determination on your part. Be alert -- you'll find it! > > Also see http://newbieDoc.sourceForge.net/ ... > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
