
can get root permissions without pw in failsafe...


Guest gyri

I'm not too concerned about this since nobody else in my apartment has the foggiest idea how to use Linux or what the command "su" does, but if it's not too difficult, I'd like to fix it...

 

When I upgraded to Mandriva2007 a little while back things went pretty smoothly and I really liked some of the new features. I forget what happened exactly but I messed some things up and had to boot into failsafe to fix the problem. What alarmed me was that the su command instantly gave me root permissions in failsafe mode without ever prompting me for a password... Is this a glitch on my computer or is it common to all mdv2007 machines? It kind of defeats the purpose of having a password to begin with...

 

If it's fixable and not too complicated (I'm still pretty new at the Linux thing...), then I'd like to give it a shot.

 

Thanks,

gyri


This is by design. It's not anything that's broken. Failsafe mode (also known as single user mode, rescue mode, or runlevel 1) automatically boots you to the command line as the root user with NO network connectivity.

 

It is meant for rescue type situations - after all, you may forget your root password and this allows you to recover from that. This is an example of how physical access to the machine pretty much gives you root access if you know what you're doing.

 

You could remove the failsafe menu option but you could still boot to runlevel 1 by pressing the ESC key at the boot prompt and entering 'linux 1' at the boot prompt.

 

If you were concerned about others having physical access to the machine and messing with it, one easy way to help prevent this would be to set a BIOS password. But you can get around that too. Physical access pretty much can get you root access!

 

There are probably some very tight security measures that could be taken, and someone may comment on them, but it's a matter of just how much of a security exposure you feel you really have. In most cases, this is not really a problem.

 

 

 

 

Oh, I should also mention that if you have sensitive data that you want to protect, then you should consider encrypting those files using an application like TrueCrypt (a great security app).


I did also consider the fact that it is a feature but assumed that not to be the case.

 

Thanks for the snappy response, I had thought about just removing failsafe from lilo but again, I HIGHLY doubt anybody in my apartment could figure out how to boot to failsafe, su into root, then do something annoying like dd if=/dev/zero of=/dev/sdb

 

I will look into TrueCrypt, however, just because I do store sensitive data from time to time

 

Thanks again!


It's safe to remove it, since if your system goes pear shaped, you can boot a LiveCD or the Mandriva Install Disk, and go into rescue mode to get access to your disks.

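The replies above note that deleting the failsafe entry still leaves 'linux 1' at the boot prompt. As an added example (not posted by anyone in this thread), here is a small audit of a lilo.conf that reports which entries can reach a root shell without a password. It assumes LILO's `password=`, `restricted`, `mandatory` and `bypass` options as documented in lilo.conf(5); the function name and the sample configurations are constructed for illustration.

```python
# Boot arguments treated as "rescue / single-user" (assumption: 'failsafe' is the
# word this thread's menu entry uses; the others are the usual init arguments).
RESCUE_WORDS = {"failsafe", "single", "1", "s", "S"}

def audit_lilo(text):
    """Return (label, issue) pairs for image= entries in lilo.conf text."""
    glob, sections, cur = {}, [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if not line:
            continue
        key, _, val = line.partition("=")
        key, val = key.strip().lower(), val.strip().strip('"')
        if key in ("image", "other"):                # a new boot entry starts
            cur = {"kind": key, "path": val}
            sections.append(cur)
        else:                                        # option: global until first entry
            (cur if cur is not None else glob)[key] = val
    findings = []
    for s in sections:
        if s["kind"] != "image":                     # only Linux kernels take 'linux 1'
            continue
        opts = {**glob, **s}                         # per-image options override global
        label = s.get("label", s["path"])
        has_pw = "password" in opts and "bypass" not in s
        # 'restricted' asks for the password only when arguments are typed at the
        # prompt; a per-image 'mandatory' overrides a global 'restricted'.
        restricted = "restricted" in opts and "mandatory" not in s
        rescue = any(w in RESCUE_WORDS for w in opts.get("append", "").split())
        if not has_pw:
            findings.append((label, "no-password"))  # 'linux 1' works as described
        elif restricted and rescue:
            findings.append((label, "rescue-entry-skips-password"))
    return findings

# Constructed sample configurations (not taken from a real machine).
WEAK = """boot=/dev/sda
prompt
timeout=100
image=/boot/vmlinuz
    label=linux
    append="resume=/dev/sda5 splash=silent"
image=/boot/vmlinuz
    label=failsafe
    append="failsafe resume=/dev/sda5"
"""
RESTRICTED = "password=PLACEHOLDER\nrestricted\n" + WEAK   # global password
HARDENED = RESTRICTED + "    mandatory\n"                  # applies to failsafe entry

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("restricted", RESTRICTED), ("hardened", HARDENED)):
        print(name, audit_lilo(conf))
```

A lilo.conf that contains a password should be readable by root only, and `/sbin/lilo` has to be re-run before any change takes effect. None of this protects against booting from other media, which is the physical-access point made earlier in the thread.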

Great! I highly recommend TrueCrypt if you need to protect sensitive data. Having root access does no good if the files are encrypted. You can also encrypt entire partitions, or a USB pen drive, and even have hidden volumes. Both Linux and Windows compiled versions are available and the source code is also available.

 

For more info: http://www.truecrypt.org/
