Lars Müller wrote:
On Fri, Mar 02, 2012 at 07:47:50AM -0500, James Knott wrote:
Roger Oberholtzer wrote:
With Linux, give anyone a grub menu and nothing else, and it's trivial to
get to a root prompt and change the root password. In a corporate world, the trick then would be to set the root password back after this so the IT police don't know you did it... The trick to resetting the password is knowing what it was originally. It's easy enough to change the password to something new, but restoring the original? a) boot with init=/bin/bash b) mv /etc/shadow /etc/shadow.orig&& cp -a /etc/shadow.orig /etc/shadow c) passwd
As soon as you finished your work you move /etc/shadow.orig back. The majority will not notice this. As they have not protected the boot loader.
As soon as the boot loader ist password protected it gets only a bit more tricky. Remove the harddisk and manipulate all from inside a different host. In this case you'll very likely not be able to boot from an external media.
Well, you can protect more and more and at the end all these evil red hairy monters will find a way. ;)
The only items very well protected against use are printers. ;)
Lars
And why should people have to do this to work around an incredibly STOOPID decision? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org