Mailinglist Archive: opensuse (1165 mails)

< Previous Next >
Re: [opensuse] Re: Should openSUSE review it's Security Policies?
  • From: Roger Oberholtzer <roger@xxxxxx>
  • Date: Fri, 02 Mar 2012 08:08:14 +0100
  • Message-id: <1330672094.24308.7.camel@acme.pacific>
On Thu, 2012-03-01 at 19:55 +0000, Jim Henderson wrote:
On Thu, 01 Mar 2012 14:27:17 -0500, James Knott wrote:

Business employees generally do not get root or admin access to their
computers.

Arguably, working around that is trivial regardless of the OS. There
really is no security when the user has physical control of the device,
regardless of the OS.

With Linux, give anyone a grub menu and nothing else, and it's trivial to
get to a root prompt and change the root password.

In a corporate world, the trick then would be to set the root password
back after this so the IT police don't know you did it...


Yours sincerely,

Roger Oberholtzer

OPQ Systems / Ramböll RST

Office: Int +46 10-615 60 20
Mobile: Int +46 70-815 1696
roger.oberholtzer@xxxxxxxxxx
________________________________________

Ramböll Sverige AB
Krukmakargatan 21
P.O. Box 17009
SE-104 62 Stockholm, Sweden
www.rambollrst.se


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups