Your SysAdmin, if they are worth their salt, should know all of this already, but I will say it anyway.
Here are some ways to protect against rebooting to single user mode.
This is only a problem if the box is logged in as root. It is a company policy where I work to not have root logged in at the console. This prevents prying eyes.
Also, if the box is not physically secure, i.e. in a locked room, then there will always be a chance that someone can power the box off and on to get it to single user mode that way.
The shutdown command should only be allowed for the root user, so if the box is not logged in then you shouldn't have a problem with that.
This procedure of rebooting to single is not a security hole, and there is no way to prevent it except having your server in a locked room with root logged out of the console. We have key card access to our data centers.
With regard to .rhosts, it CAN be a security hole if users have one in their home directories to allow outside users onto the box. Again, we only use .rhosts on secure hosts that are trusted inside a firewall. Also, I usually disable it (comment out the lines in the file) when it is not in use, just as a precaution.
But when used properly, .rhosts can be an asset.
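
An added example, not part of the original post: a small audit that walks a passwd-format file, looks for a `.rhosts` in each home directory, and reports whether its entries are commented out, active, or contain a `+` wildcard. The function names, the fixture accounts and the host name `trusted.example.internal` are constructed for illustration.

```shell
#!/bin/sh
# audit_rhosts PASSWD_FILE [ROOT_PREFIX]
# Prints one finding per account that has a .rhosts: "<user> <file> <status> <detail>"
audit_rhosts() {
    passwd_file=$1
    prefix=${2:-}
    while IFS=: read -r user pw uid gid gecos home shell; do
        f="$prefix$home/.rhosts"
        [ -f "$f" ] || continue
        # Active entries are lines that are neither blank nor commented out.
        active=$(grep -v -e '^[[:space:]]*#' -e '^[[:space:]]*$' "$f" || true)
        if [ -z "$active" ]; then
            echo "$user $f DISABLED all entries commented out"
            continue
        fi
        # A "+" in the host or user field trusts any host or any user.
        if printf '%s\n' "$active" |
            grep -Eq '^[[:space:]]*\+|[[:space:]]\+[[:space:]]*$'; then
            echo "$user $f WILDCARD '+' entry trusts any host or user"
        else
            n=$(printf '%s\n' "$active" | wc -l | tr -d ' ')
            echo "$user $f ACTIVE $n trusted entry(ies)"
        fi
    done < "$passwd_file"
}

# Constructed sample data: three fake accounts under a temporary directory.
make_fixture() {
    d=$(mktemp -d)
    mkdir -p "$d/home/alice" "$d/home/bob" "$d/home/carol"
    printf '%s\n' 'alice:x:1001:1001::/home/alice:/bin/sh' \
                  'bob:x:1002:1002::/home/bob:/bin/sh' \
                  'carol:x:1003:1003::/home/carol:/bin/sh' > "$d/passwd"
    printf '+ +\n' > "$d/home/alice/.rhosts"
    printf '# trusted.example.internal bob\n' > "$d/home/bob/.rhosts"
    printf 'trusted.example.internal carol\n' > "$d/home/carol/.rhosts"
    echo "$d"
}

# Run against the constructed fixture; on a real host: audit_rhosts /etc/passwd
fx=$(make_fixture)
audit_rhosts "$fx/passwd" "$fx"
rm -rf "$fx"
```
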
