Single User Mode

By: James Reynolds - Revised: 2006-05-23 devin

Introduction

Discusses a single user mode vulnerability and how to avoid this vulnerability using SecureIt.


Single user mode problem

Single user mode occurs when one boots up a UNIX box and holds down the "s" key (command - s on Mac OS X). UNIX boxes are intended to be in locked rooms, so UNIX administrators don't view single user mode as a problem. However, putting Mac OS X in a lab enviroment is the easiest way for Joe Public to get root access (by restarting the Mac and holding down command-s).

SecureIt 1.05 for 10.2

This perl script, when you install it, asks for a password (this CAN be different than your current root password). Once installed, when you boot into singleuser mode, it will ask for the password. If you type it wrong, it will reboot the computer. There is no way to kill the script in singleuser mode.

Open a terminal window. Type the following into the Terminal (pressing return after each line--you can also copy and paste this):

cd /applications
curl -O http://users.ez-net.com/~jasonb/secureit.tar.gz
tar xvzf secureit.tar.gz
cd secureit1_05
sudo ./install

You must run this as an admin user. It will ask for your password first. Then it will ask for the single user mode password. Type it correctly since in only gives you one chance. If you type it wrong, there is a way to uninstall it without the password. Contact us if you don't know how.

(832x623 - requires QuickTime Player)

More info - Download