On Tue, May 28, 2002 at 09:27:22PM -0700, Christopher Mahmood wrote:
* Jon San Juan (j_sanjuan@ivchd.com) [020528 20:05]:
You bring up a good issue though.. If you lose a password and reset it, isn't that a security hole? how can you stop someone from resetting or changing the root password ...
If someone has physical access to the machine you've already lost. Even if you could prevent them from booting with 'init=/bin/sh' or whatever, they could just steal the disk out of the machine.
If you use an encrypted file system, and had your important data there, you could prevent loss of that data, even if an attacker had your disk and root access. To make it harder to break into your machine, if you think someone may get to it physically, you can also set up a BIOS password and password protect LILO. Best Regards, Keith -- LPIC-2, MCSE, N+ Got spam? Get spastic http://spastic.sourceforge.net