+++
title = "dracut and CVE-2016-4484: Cryptsetup Initrd root Shell"
date = 2016-11-15T16:42:23+00:00
[taxonomies]
tags = ["dracut", "fedora", "programming"]
+++
People who want to secure their Fedora/RHEL system have to:
* add a BIOS password
* add a grub password
* add "rd.shell=0" to the kernel command line

Anaconda does add "rd.shell=0" to the kernel command line automatically, if you setup the bootloader with a password.
<!-- more -->