[SOLVED] No prompt for root password after attempting to enter single user mode

infinite_scale · 07-13-2011, 02:38 PM

I followed instructions to enter single user mode by adding single at the end of kernel line but after that it doesn't ask for root password but brings up the sh# prompt. Isn't that supposed to be insecure?

I understand for this the grub password can be applied but even after adding "single" it should ask for root password..or it should not..??

snowday · 07-13-2011, 02:44 PM

It is a recovery mode that you can use to reset a forgotten root password.

It's only a security flaw if you give strangers physical access to your computer.

frieza · 07-13-2011, 03:55 PM

single user mode spawns a root shell, it doesn't invoke a login process
even IF the single user boot prompted for a login nothing other then a grub password would stop someone from say adding

Code:

init=/bin/bash

and then re-mounting / as rw instead of single and achieving essentially the same effect.
or booting from a live cd, chroot the live install, change root password, and/or grub password

in short, no matter what, physical access trumps any extra layers of security that may be in place

infinite_scale · 07-30-2011, 09:51 AM

Thanks snowpine and frieza. The info is really helpful and certainly i agree.. that is a security flaw.. Preventing physical access is very important.. :-)