LILO Security Tips

LILO:

There are several techniques to minimize the risk of someone passing arguments to LILO at boot time and booting the system into single-user mode to obtain a root shell.

delay=X

This controls how long (in tenths of a second) LILO waits for user input before booting the default selection. It should be set to 0 unless the system dual boots something else.

prompt

This forces the user to enter something; LILO will not boot the system automatically, so the server will not reboot without a human attendant. If you also add a timeout option, however, the system will continue booting once the timeout is reached.

restricted

This option makes LILO ask for a password if boot-time options (such as "linux single") are passed to the boot loader.

password=

This requires the user to enter a password; it is used in conjunction with the restricted option. The lilo.conf file must not be world readable, otherwise any user will be able to read the password.
Here is an example of a good, secure lilo.conf.

boot=/dev/hda
map=/boot/map
install=/boot/boot.b
prompt
timeout=100
default=linux
image=/boot/vmlinuz-2.2.12-20
label=linux
root=/dev/hda1
read-only
restricted
password=kpAsSb0rv_f

The above configuration will function as follows:

1. Boots the system using the /boot/vmlinuz-2.2.12 kernel, stored on the first portion (right after the MBR) of the first IDE hard drive of the system.
2. The prompt keyword would normally stop unattended rebooting. The password protection is set in the image section, so LILO can still boot “linux” with no problem; this is useful for remote booting, but it will ask for a password if you enter “linux single”.
3. The timeout option gives you 10 seconds to type the password ("kpAsSb0rv_f") if you want to go into “linux single”.

Some minor security steps that should be taken along with LILO security:
1: The BIOS should be password protected and should only boot from C:
2: The lilo.conf file should be set to immutable using the “chattr” command. To set the file immutable, simply type the following command on the console:

chattr +i /etc/lilo.conf

This will prevent any changes (accidental or otherwise) to the lilo.conf file. If you wish to modify the lilo.conf file, you will need to unset the immutable flag by issuing the following command on the console:

chattr -i /etc/lilo.conf

[Note: only the root user has access to the immutable flag. ]
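As an added example (not part of the original article), a small POSIX shell audit that checks a lilo.conf for the options discussed above and for the file-mode problem that password= raises; the function names lilo_has_opt, lilo_conf_issues, lilo_conf_is_immutable and write_article_conf are assumed, and the file it writes is a constructed copy of the configuration above, not the system's own /etc/lilo.conf.

```shell
# Added audit helper, not from the article: report which of the hardening
# settings above a lilo.conf lacks. It reads the file and its mode only.
lilo_has_opt() {   # true if the bare keyword $2 is on a line of file $1
    grep -q "^[[:space:]]*$2[[:space:]]*$" "$1"
}
# Prints each finding and returns the number found (0 = all checks passed).
lilo_conf_issues() {
    conf="$1"
    issues=0
    # prompt: LILO waits for a human instead of booting silently
    if ! lilo_has_opt "$conf" prompt; then
        echo "missing: prompt"; issues=$((issues + 1))
    fi
    # restricted + password=: "linux single" or any other boot argument
    # then requires the password (restricted alone does nothing)
    if ! lilo_has_opt "$conf" restricted; then
        echo "missing: restricted"; issues=$((issues + 1))
    fi
    if ! grep -q '^[[:space:]]*password=.' "$conf"; then
        echo "missing: password="; issues=$((issues + 1))
    fi
    # delay= (tenths of a second) should be 0 unless the box dual boots
    delay=$(sed -n 's/^[[:space:]]*delay=\([0-9]*\).*/\1/p' "$conf" | head -n 1)
    if [ -n "$delay" ] && [ "$delay" -ne 0 ]; then
        echo "delay=$delay should be 0"; issues=$((issues + 1))
    fi
    # a file that carries password= must not be readable by other users
    if [ -n "$(find "$conf" -perm -004)" ]; then
        echo "world-readable: $conf"; issues=$((issues + 1))
    fi
    return $issues
}
# chattr +i check; needs lsattr on ext2/ext3, so it is reported, not counted (2 = cannot tell)
lilo_conf_is_immutable() {
    command -v lsattr >/dev/null 2>&1 || return 2
    lsattr "$1" 2>/dev/null | cut -d' ' -f1 | grep -q i
}
# Constructed copy of the article's example config, written with mode 600
# to a path the caller chooses (never /etc/lilo.conf itself).
write_article_conf() {
    printf '%s\n' boot=/dev/hda map=/boot/map install=/boot/boot.b prompt \
        timeout=100 default=linux image=/boot/vmlinuz-2.2.12-20 label=linux \
        root=/dev/hda1 read-only restricted password=kpAsSb0rv_f > "$1"
    chmod 600 "$1"
}
tmp=$(mktemp)
write_article_conf "$tmp"
lilo_conf_issues "$tmp" && echo "$tmp: all checks passed"
rm -f "$tmp"
```

Run it against a copy of a real lilo.conf as root to see which of the article's settings are missing; a nonzero exit status is the number of findings.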

Conclusion:
By applying the techniques above you can minimize the risk of passing LILO arguments at boot time, and prevent the most damaging one, "image-name single", which boots Linux into single-user mode without asking for any password.

This article is Copyright (c) 2000 by Kapil Sharma. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v1.0 or later (the latest version is presently available at http://www.opencontent.org/openpub/).

Written by: Kapil Sharma

Website: http://www.linux4biz.net
[Kapil Sharma is a Linux and Internet security consultant. He has been working on various Linux systems and Internet security for more than 4 years. He maintains a web site, http://www.linux4biz.net, providing free as well as commercial support for web and Linux solutions.]

