Search Members Help

» Welcome Guest
[ Log In :: Register ]

Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic
Pages: (3) </ [1] 2 3 >/

[ Track this topic :: Email this topic :: Print this topic ]

reply to topic new topic new poll
Topic: Security question< Next Oldest | Next Newest >
john.martzouco Offline





Group: Members
Posts: 253
Joined: Nov. 2007
Posted: Dec. 15 2007,18:36 QUOTE

I've installed 4.1 (traditional HD) with multi-user support and created accounts for several users.

Normal bootup is fine, after GRUB runs the default DSL entry, I'm asked for my credentials and I boot in as a user.

I've seen an issue when booting up after I've had to force the machine off.  If I power down the machine without exiting from Xwindows or DSL, the next time I boot up, the system performs an fsck, fixes or deletes some inodes and then logs in automatically as the 'dsl' user - su(pam_unix)[56]:...  From that login, I can navigate to any place on the file system.

My question is: Is this what I should expect from all Linux distributions or is it something that needs attention because of the addition of multi-user support recently in DSL?
Back to top
Profile PM 
curaga Offline





Group: Members
Posts: 2163
Joined: Feb. 2007
Posted: Dec. 15 2007,18:47 QUOTE

No, that's not something expected or wanted. Multi-user support has been in a long time though, but I guess no-one has thought of that..

A question: Is the prompt "Repair> "?


--------------
There's no such thing as life. Those mean little jocks invented it ;)
-
Windows is not a virus. A virus does something!
Back to top
Profile PM 
roberts Offline





Group: Members
Posts: 4983
Joined: Oct. 2003
Posted: Dec. 15 2007,19:03 QUOTE

Multi-user has been in place for a very long time, and it is driven by /etc/inittab.

Booting liveCD or frugal with different (multi-users) specified by the user=name option is something new.

If yours is the second newer method then edit default grub menu to eliminate any non user= options.

If yours in first, then it seems odds that somehow iniitab would "corrupt" back to the original no login.

fsck'ing would be running as root and control given to user dsl would be via iniitab.

However, any machine that can boot from cdrom, usb, floppy, etc, and someone has physical access can always choose to boot many OS, not just Linux, and gain full control of your machine.
Back to top
Profile PM WEB 
john.martzouco Offline





Group: Members
Posts: 253
Joined: Nov. 2007
Posted: Dec. 15 2007,19:26 QUOTE

Quote (curaga @ Dec. 15 2007,13:47)
A question: Is the prompt "Repair> "?

No, the prompt is "dsl@console[dsl]$"
Back to top
Profile PM 
john.martzouco Offline





Group: Members
Posts: 253
Joined: Nov. 2007
Posted: Dec. 15 2007,19:43 QUOTE

[quote=roberts,Dec. 15 2007,14:03][/quote]
Thanks Robert,

Quote
If yours is the second newer method then edit default grub menu to eliminate any non user= options.


I am using a traditional HD install.

The GRUB entry that I'm using reads:  kernel /boot/linux24 root=/dev/hda2 quiet vga=normal acpi=off apm nodma noscsi frugal

It's the default entry that was given when I installed GRUB, except that I modified the acpi and apm options.

Is there another way that I can turn off acpi and turn on apm so that I can remove all the options?

Quote
However, any machine that can boot from cdrom, usb, floppy, etc, and someone has physical access can always choose to boot many OS, not just Linux, and gain full control of your machine.


Okay, I understand that.  I'm not trying to bullet-proof the machine, but I would like to control the installed OS so that it doesn't open any doors like this.

Quote
Multi-user has been in place for a very long time, and it is driven by /etc/inittab.


If anyone can help me understand what changes I need to make, I'd be grateful.
Back to top
Profile PM 
10 replies since Dec. 15 2007,18:36 < Next Oldest | Next Newest >

[ Track this topic :: Email this topic :: Print this topic ]

Pages: (3) </ [1] 2 3 >/
reply to topic new topic new poll
Quick Reply: Security question

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code