Quick Overview

By default, Linux does not password protect the booting into Single User mode. This can be helpful (if you forget the root password, you can boot to single user, change the password, and restart) and dangerous (so can anyone with physical access to the machine. Read below to see how to use this, and how to prevent it

Under LILO

Exploiting

When prompted with the LILO: prompt, type linux single (or whatever kernel you want, followed by the word single). To see a list of available kernels, press TAB. If you have a graphical menu, type CTRL-X to switch to a text prompt first

Preventing

Add password=XXXX to your lilo.conf file. Don’t forget to rerun lilo afterwards

Under Grub

Exploiting

When you select the boot image, press e to edit the currentline. The second (usually) line should say something like kernel <drive>/vmlinuz root=<partition> <otherstuff>. Add single to the end of this line, and boot.

Preventing

Grub stores MD5 encrypted passwords in the grub.conf file. First, run
grub-md5-crypt, which returns the MD5 hash of a given password. Then, open up grub.conf, and add the line password --md5 <output-from-grub-md5-crypt>. Unlike LILO, there is no need to do anything after changing the config file; changes are saved automatically.

Enjoy.