Mailinglist Archive: opensuse-security (228 mails)

Re: [suse-security] Problem with second user with uid 0?
  • From: Frank Steiner <fsteiner-mail@xxxxxxxxxxxxxx>
  • Date: Fri, 11 Mar 2005 23:52:39 +0100
  • Message-id: <42322137.3080007@xxxxxxxxxxxxxx>
miguel gmail wrote:

> But, in this case, you can leave the boot CD to your boss, and protect
> both the BIOS and the bootloader with a password that only you and/or
> your boss know. If somebody needs to run a fsck, he will need to enter
> the BIOS pwd and the bootloader password.

Anyway, in which way would this be more secure than giving the user the
password? Booting from a CD to perform the fsck, he can enter a new
encrypted string into /etc/shadow and has the root password after rebooting.
So this is the same risk as giving the user the root password: he
can hack your system.

But as I said before, I must trust someone who is supposed to care
about the system if I'm not there. Otherwise, no one but me can ever
maintain anything...



--
Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr 17 Phone: +49 89 2180-4049
80333 Muenchen, Germany Fax: -4054
* You can only understand recursion once you have understood recursion. *

