[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Fedora safe/recovery mode

Enrico Scholz wrote:
kagesenshi 87 gmail com ("Hikaru Amano") writes:

AP> Seems like it would be advantageous to have a boot target that
AP> goes to runlevel 3 all the time.
I think he suggesting a default entry for that in a fedora
installation .. eg: a grub option with the title "Recovery Console"

/me would expect runlevel 1 behind 'Recovery Console', but not 3...


There are some security considerations with runlevel 1.

On runlevel 2-5, the user is presented with a login screen. I haven't tested this in fedora for some months, but last I checked, runlevel 1 dropped the user directly in a root shell.

Runlevel 3 is at least as safe as runlevel 5 and could be used with no security implications.

So I guess the approach for something like this depends a lot on what the rescue shell should be used for? System recovery would probably call for runlevel 1 (or perhaps a safe-mode runlevel 2 with no drivers, nosmp, noacpi, noapic nolapic and whatever we can think off), but in the runlevel 1 case at least, we should make absolutely sure, the grub stanza is password protected and/or 2) the "drop to root shell without a password" feature is disabled (for all imaginable scenarios).

I realize that the grub bootloader is not password protected by default in fedora, so putting an init=/bin/bash on the kernel cmdline and booting is an easy way in. But for the setups that actually tries to protect against these easy ways in, we should be really careful not to introduce a just-as-easy backdoor via the new recovery option...


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]