Mailinglist Archive: opensuse (3225 mails)

< Previous Next >
Re: [SLE] a security hole? (good version)
  • From: Anders Johansson <andjoh@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 12 Jul 2002 12:23:34 +0200
  • Message-id: <200207121223.34005.andjoh@xxxxxxxxxxxxxxxxxxxxx>
On Friday 12 July 2002 12.09, Marc Chassoulier wrote:
> On suse 8.0
> I Have noticed something. When I boot on linux cd (rescue system), I can
> acces to my partition with root account with no password. Consequence : I
> can clear root password, and when I reboot, have full access to linux ,
> like root with no password. Is it possible to correct this problem ?

Yes, ensure physical security of the box and encrypt all sensitive data.

> Disclaimer
<snip ridicolous disclaimer>

Are you insane?
Please understand that anything you send to a *public* list cannot in any
sense of the word be "confidential". And if your company policy forces you to
include it anyway, please trim it a little. That has got to be the worst
"disclaimer" I've ever seen.

//Anders

< Previous Next >
References