On Sat, Jul 13, 2002 at 12:20:06PM -0500, stuart@yorkshirepudding.com wrote:
I think someone mentioned that aren't NTFS drivers for Linux.
That was me.
This is wrong. They may only be safe to use in read-only mode, but that might be all I need to access some vital info from a machine.
I thought that might be the case (I knew there were read-only drivers, but AIUI, they are only in the "experimental" phase, and the read-write drivers are almost certainly not production-worthy), but it was suitable to illustrate the point. The claim was that booting from a rescue disk and then having read-write access to every file was not possible on NT. My point was that - *If* this claim were true, then it's only because a driver hasn't been written yet, and if the driver hasn't been written, it's only because M$ are not releasing the specs for a relatively complicated FS, and therefore the job is more difficult - not because there's anything particularly secure about the way they've implemented the FS. This is security through obscurity (an obscure FS implementation, or at least more obscure than an open standard like ext2) which is no security at all. I believe there is some kind of extra security built in to NTFS, allowing more fine-grained control over access lists; however, this is only effective when the system honours the control data stored on the disk - simply write your own driver that ignores the access control stuff, and you're in. The same is true with editing config files - for example, with Linux, you can remove the root password by booting with a rescue disk and editing /etc/shadow or /etc/passwd with a text editor, whereas Windoze passwords are probably held in some obscure part of the registry, which is so complicated it needs a GUI tool to edit it, which in turn requires you to have a complete session of Windoze running (which is not possible from a boot disk). Just because the data format is a bit more obtuse doesn't make it any more secure. (note that I don't use Windoze, so some of my statements may be wrong...) Anyway, this has very little to do with SuSE, so I'll stop posting on this topic. -- David Smith | Tel: +44 (0)1454 462380 Home: +44 (0)1454 616963 STMicroelectronics | Fax: +44 (0)1454 617910 Mobile: +44 (0)7932 642724 1000 Aztec West | TINA: 065 2380 Almondsbury | Work Email: Dave.Smith@st.com BRISTOL, BS32 4SQ | Home Email: David.Smith@ds-electronics.co.uk