On Tue, May 18, 1999 at 09:16:35PM -0400, Tommy Malloy wrote:
> Doesn't the fact that I can go to any Linux box with an install disk or
> cd and gain root access mean that all Linux systems are
> fundamentally insecure? Perhaps the install process could be changed
> so that a root password, or some other verification system is required,
> before a reinstall is permitted. It is true that compromising a system
> this way requires unfettered access to the box. However, as Linux is
> used more and more in commercial environments this issue will need to be
> addressed.

Leaving it up to the install disk to secure the root partition is impractical. That's like trusting the user with a [Yn] response on "Was the password you entered correct?". The only way to secure a filesystem from this type of access is to use some sort of secure fs (cfs and secure loop devices with encryption come to mind), also check into sfs (sorry, no URLs for these). This has a downfall of the fact that the machine cannot boot without user interaction (someone to authenticate or supply the password for the filesystem). IIRC, MacOS filesystems have similar things to encrypt the partition table with a password, but this does nothing to protect the data. Even with this type of protection, nothing stops someone from putting in a DOS disk with a disk editor and reading byte by byte from the disk. Best bet for easy setup is using encryption over the loop device.

-- 
Ben Collins <[EMAIL PROTECTED]>                  Debian GNU/Linux
OpenLDAP Dev - [EMAIL PROTECTED]      The Choice of the GNU Generation
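
An audit-side version of the byte-by-byte read described in the reply, as an added example that is not part of the original thread: it classifies the first sectors of a raw volume as plaintext or encrypted. The LUKS header check is an assumption standing in for the encrypted loop device the reply recommends (LUKS is not mentioned in the thread), and all sample images are constructed.

```python
import hashlib
import math
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"   # first 6 bytes of a LUKS1/LUKS2 header
EXT_MAGIC_OFFSET = 1024 + 56    # s_magic field of the ext2/3/4 superblock
EXT_MAGIC = 0xEF53


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; ciphertext sits close to 8.0."""
    if not data:
        return 0.0
    counts = [0] * 256
    for byte in data:
        counts[byte] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)


def classify(image: bytes) -> str:
    """Report what someone booting from other media sees at the volume start."""
    if len(image) >= 8 and image[:6] == LUKS_MAGIC:
        version = struct.unpack(">H", image[6:8])[0]
        return f"encrypted: LUKS{version} header"
    if len(image) >= EXT_MAGIC_OFFSET + 2:
        magic = struct.unpack_from("<H", image, EXT_MAGIC_OFFSET)[0]
        if magic == EXT_MAGIC:
            return "plaintext: ext2/3/4 superblock readable without any password"
    if entropy(image) > 7.5:
        return "possibly encrypted: no header, high entropy"
    return "unknown: low entropy, treat as plaintext"


def constructed_samples() -> dict:
    """Constructed volume prefixes, not captured from real disks."""
    ext = bytearray(2048)
    struct.pack_into("<H", ext, EXT_MAGIC_OFFSET, EXT_MAGIC)
    luks = LUKS_MAGIC + struct.pack(">H", 2) + bytes(2040)
    # 1 KiB of SHA-256 output stands in for headerless ciphertext.
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))
    return {"ext": bytes(ext), "luks": luks, "headerless": noise, "blank": bytes(2048)}


if __name__ == "__main__":
    for name, image in constructed_samples().items():
        print(f"{name:10} {classify(image)}")
```

To check a real volume, pass `classify` the first few KiB read from the block device or image file; the ext result is the case the thread is about, where no install-disk password prompt would have protected the data.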