Fedora safe/recovery mode
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Sun Mar 4 14:00:05 UTC 2007
tmus at tmus.dk (Thomas M Steenholdt) writes:
>>>> AP> Seems like it would be advantageous to have a boot target that
>>>> AP> goes to runlevel 3 all the time.
>>> ...
>>> I think he suggesting a default entry for that in a fedora
>>> installation .. eg: a grub option with the title "Recovery Console"
>> /me would expect runlevel 1 behind 'Recovery Console', but not 3...
>> Enrico
>>
>
> There are some security considerations with runlevel 1.
Either it is a "Recovery Console", or it is not a "Recovery Console". From
such a console, I would expect that I can recover from lost passwords
and/or can fix network settings which prevent successful root logins.
When you want an extra entry for runlevel 3, then name it like 'Text
console' but do not begin DAUification already at the Grub menu and use
terms with a completely different meaning.
> On runlevel 2-5, the user is presented with a login screen. I haven't
> tested this in fedora for some months, but last I checked, runlevel 1
> dropped the user directly in a root shell.
>
> Runlevel 3 is at least as safe as runlevel 5 and could be used with no
> security implications.
As long as Grub and the BIOS are not protected with a password by
default, we do not need to discuss this....
Enrico
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 480 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20070304/c80fe82b/attachment.sig>
More information about the fedora-devel-list
mailing list