Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
RE: [suse-security] Problem with second user with uid 0?
  • From: "Ness, Todd" <todd.ness@xxxxxxx>
  • Date: Fri, 11 Mar 2005 15:23:00 -0800
  • Message-id: <48E6557C29E9C645A74851DD40121F5401C17AB4@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Why not just give that user sudo? Then you can see how they fix/break it
worse, and if they have to become root they can just sudo su -?


-----Original Message-----
From: Frank Steiner [mailto:fsteiner-mail@xxxxxxxxxxxxxx]
Sent: Friday, March 11, 2005 4:10 PM
To: Mike Tierney
Cc: 'miguel gmail'; 'SuSE Securitylist'
Subject: Re: [suse-security] Problem with second user with uid 0?

Mike Tierney wrote

> If anyone is *REALLY* determined they can
>
> 1) Cut the padlock
> 2) Pop the case and clear the BIOS password via jumpers

Right. So whenever a user has physcial access to the hardware, you can't
do much to prevent him from hacking into the system. And a user who
should recover a broken system when I'm off, should have access to the
server he needs to recover, so...

I think the question here is: How easy should it be for someone to get
root access? If users know the root password by default, they tend to
use it from time to time "to do a little fix or install a little program
because the admin has already gone home...", and that's what we don't
want.
In case sth. breaks while I'm not in the office, a pre-selected user
opens a sealed envelope. I see this when I'm back and change the
password again to avoid this user doing "a little fix or..." :-) Because
this user must have a key to the server room, I must trust him that he
does not open the server and resets the bios to break in. And if I trust
him this way, I can also trust him that he does not install a backdoor
after opening the envelope and working as root to fix the server.

That's the deal. Nothing more. And all I want to reach is to give this
user a different root password than my usual root password, so that I
don't have to change mine after the envelope was opened.


> 3) Change the BIOS back to booting from CDROM and pop in a boot disk
> 4) Not sure how they'd deal with the encrypted disks! Maybe get a job
> as a cleaner and install a keystroke logger on the keyboard a few
> weeks beforehand...?
>
> So all of a sudden leaving the root password in a sealed envelope
> that's stored in a locked filing cabinent doesn't sound so bad after
all!!!!

Especially not for a chair with 10 people where we all know each other
very well and everyone knows where to get the key to enter the server
room :-)

--
Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik Mail:
http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr 17 Phone: +49 89 2180-4049
80333 Muenchen, Germany Fax: -4054
* Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat.
*


--
Check the headers for your unsubscription address For additional
commands, e-mail: suse-security-help@xxxxxxxx Security-related bug
reports go to security@xxxxxxx, not here


< Previous Next >