Marcel (and Ben as well), Thank you. I have embedded a couple of comments. Please note there was never any intent on my part to troll--so lets be clear about that. With regard to security breaches: -- Yes, I believe I stated as much (in essense) in my post as follows -- "Granted, almost without exception any security scheme can be breached....." As far as root access from a boot/rescue disk (again, this being in context to the original posted complaint) - within that strict context I am not aware of being able use a boot disk with W2k Server or Advanced Server to acquire root (admin) permissions - unless you do a full install. (I not talking about just being able to puruse the data on the disk I am talking about being able to serreptitiously act as the administrator -- by using a simple boot or rescue disk.) If you know how to do this I am certainly willing to listen. With regard to Solaris I had tried this a while back and was unsuccessful--and apparently erroneously concluded that root could not be acquired as easily as with a Linux rescue disk. (Note I didn't try a Linux disk but used the Solaris start-up floppy - 7.0 fot the pc). Now having the knowledge that this is indeed possible-and easily at that- I will give it a go. Thank you. I accept the critisism that I was a bit unfair with regard to singling out SuSE -- to all please accept my humble apologizes. Nevertheless (and here is where I respectfully disagree) I still think that with respect to a rescue/boot disk unless the root password is actually known it should not be allowed to be "reset" under any circumstances. Again this is an opinion. The down side is that if you forget the root password you will need to reinstall the OS--I think that is appropriate. Regards, Lee Marcel Broekman wrote:
Op zondag 14 juli 2002 22:31, schreef Lee Mavrogenis:
Davy,
Don't be such a pretentious fop. This thread started as a complaint by someone that they could get root access by merely using a "rescue disk" My comments where made in this context and so still hold (with the exception of redhat 5--perhaps).
With regard to being able to get through almost any secrity -- that was conceeded in my first post. A big DUH! to those who responded without obviously having read the whole post.
Don't be so enamored with yourself, as you indicate in your post you really don't now what you are talking about but are venturing to make a guess. That's fair--but no need to be an ass about it.
Again, my comments where made within the context or the ORIGINAL posted complaint.
Regards,
Lee
Lee,
Point is that if you know what you're doing and you have physical access to any machine with any OS you can have root access within minutes, be it with a floppy disk, cdrom or removing the hd and mount it in another box. Saying that SuSE (or any other OS for that matter) is weak in that respect is bollocks. If you have to be that serious about the security of your boxes, you better know how to make them more secure and don't stick with the default install. That ultimately means that you'll have to keep them behind closed and locked doors.
Cheers, Marcel
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com