blog/content/2016/11/15/dracut-and-cve-2016-4484-cryptsetup-initrd-root-shell.md

+++
title = "dracut and CVE-2016-4484: Cryptsetup Initrd root Shell"
date = 2016-11-15T16:42:23+00:00
+++
People who want to secure their Fedora/RHEL system have to:
* add a BIOS password
* add a grub password
* add "rd.shell=0" to the kernel command line

Anaconda does add "rd.shell=0" to the kernel command line automatically, if you setup the bootloader with a password.
<!-- more -->
initial commit 2020-05-19 18:20:18 +02:00			`+++`
			`title = "dracut and CVE-2016-4484: Cryptsetup Initrd root Shell"`
			`date = 2016-11-15T16:42:23+00:00`
			`+++`
			`People who want to secure their Fedora/RHEL system have to:`
			`* add a BIOS password`
			`* add a grub password`
			`* add "rd.shell=0" to the kernel command line`

			`Anaconda does add "rd.shell=0" to the kernel command line automatically, if you setup the bootloader with a password.`
			`<!-- more -->`