Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Ok so I'm somewhat of a linux newbie so correct me if I'm wrong and the following isn't a security hole:
I noticed that you can boot from CD1 (Slackware 9.1) and load one of the kernel images from it (e.g bare.i) and then just mount any device as root and view/modify any file at your whim.
Now the wrong thing about this is that it allowed me to mount my main linux partition as root and it never prompted me for my root password!
As a note of interest:
Last time I checked when I booted from the Windows XP CD into it's "recovery console" it DID prompt me for an administrator password before allowing me access to the hard disk.
So, is there any way to correct this other than password-protect the BIOS?
you don't even need a rescue CD to do what you're describing. You can even do it from the lilo prompt if you know how to pass kernel parameters.
So, yeah, if you allow someone to have physical access to your machine, they can do whatever the f@#k they want. But this is very different from being able to do it remotely. Besides, even in windows, there are ways for getting around that password check (otherwise, you'd be really screwed if you forgot your password - I don't remember mine).
Some bios's have an option whereby they start with the keyboard if you don't enter a password at boot time therefore you couldn't bypass any security. Of course you'd have to weld your PC shut to stop people fiddling with the cmos battery...
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
This is an old argument, and the facts that are usually sited are:
1.) You can use a Win2K CD to get by the password in WinXP
2.) BIOS passwords can be bypassed by resetting the CMOS jumper or simply removing the battery
3.) Anyone who has physical access to your system can just remove the hard disk drives, place them in another system (that they control) and mount them with root privilages
The only way to really protect your data is to use encrypted disk partitions (and that's only good if the encryption method is without known weaknesses and the same data was not originally stored "in the clear", since there are data recovery programs that can pull information off a HDD even if it's been overwritting several times).
Oh, so to sum up most people find it more preferable to be able to do maintenance quickly on hosed systems than it is to try to lock down the boot process to where it's next to impossible to boot w/o the root/admin password. If access to the bootstrap process is a concern, invest in case and drive locks.
Chort, I knew you could bypass the BIOS password by screwing around with the CMOS battery, but I was still surprised at how easy it was to get root access on the computer.
I agree however that this is completely different to being easy to "remotely" get root access.
Last edited by luis002001; 10-17-2003 at 08:38 PM.
A couple of things you could do though Just to make things a little harder for whom ever is trying to mess with your computer .
Put it in a safe , dig a hole , leave it there unmarked.
But , you could lock the case. Then enter a password for setup, bios and the hard drive. Then put a password for GRUB. And setup grub so that you cannot enter any kernel commands , wich can lead to problems down the road. But like everyone else in this thread have been saying. To be honest if the person has physical access and enough determination, they can do what ever they please.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.