hi, to avoid this you can use a crypting file system. i dont know if such is available for linux, but i know that this is available in form of scsi controllers that do this in raw form. so you have your hd encrypted, even booting from elsewhere didnt give access without the the propper passphrase. greets, chris On Montag, 26. Februar 2001 20:49, Sascha Kloss wrote:
Hello
I recently bought 7.1 pro and forgot my root password. It was terrible. Anyway, after a bit thinkin' I took out the CD 2 and started the 'rescue system'. With that I had FULL ACCESS on MY HDDs!! Even /etc/pwd... . I created a new user with no password and root privileges. With that I edited the root pwd and ...
ping-- There is my new root pwd.
Isn't this a security hole. Let's say Microsoft's WEB-Server's runnin' Linux and I would have 10 Minutes physical access and my CD 2 with me. Then I could change the ROOT pwd.
Sascha
X-Mozilla-Status2: 00000000 Message-ID: <3A9AA714.6E19605B@d2mail.de> Date: Mon, 26 Feb 2001 19:57:24 +0100 From: Sascha Kloss <01725832094@d2mail.de> X-Mailer: Mozilla 4.74 [de] (X11; U; Linux 2.2.16 i686) X-Accept-Language: en MIME-Version: 1.0 To: suse-linux-e@suse.com Subject: Security HOLE Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit
Hello
I recently bought 7.1 pro and forgot my root password. It was terrible. Anyway, after a bit thinkin' I took out the CD 2 and started the 'rescue system'. With that I had FULL ACCESS on MY HDDs!! Even /etc/pwd... . I created a new user with no password and root privileges. With that I edited the root pwd and ...
ping-- There is my new root pwd.
Isn't this a security hole. Let's say Microsoft's WEB-Server's runnin' Linux and I would have 10 Minutes physical access and my CD 2 with me. Then I could change the ROOT pwd.
Sascha
---------------------------------------- Content-Type: text/plain; charset="us-ascii"; name="Anhang: 2" Content-Transfer-Encoding: 7bit Content-Description: ---------------------------------------- -- visit me at http://mamalala.de ICQ-> NICK: chrisk ->UIN: 108069244 (not always online.....)