Precisely - like booting from a Knoppix cd, mounting the drives rw....you get the picture. Physical access == total access. Worst case scenario, I simply remove the drives and mount them on a box that I do control.On Wednesday 25 October 2006 23:14, cardoso wrote:Exactly. A few years ago I used to deal with linux fanboys showing them the cute trick of "linux single" at boot time. After a few hours begging for the admin password, I teached the trick and they usually stopped the brag about how security Linux was.Can't do that in most modern distributions today -- they're configured to ask for root password before they give a single-user shell. Not that there aren't other ways around that restriction...
Paul Schmehl (pauls@xxxxxxxxxxxx) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/
Attachment:
p7sJrNqEt3F0F.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/