Results 1 to 5 of 5

Thread: LiveCD login sudo access allows security breach ?

  1. #1
    Join Date
    Jan 2009
    Beans
    2

    Question LiveCD login sudo access allows security breach ?

    I have Ubuntu Intrepid installed in my desktop. While tweaking the /etc/fstab file for performance, I screwed up something and hence could not login to the Graphical Interface on reboot. I tried the Ubuntu LiveCD to access the system ( using the View Ubuntu without installing option) . I opened the terminal, entered the following command:

    # sudo nano /media/disk-1/etc/fstab

    Changed the file and saved. System did not ask for a password anytime. I checked the file permissions for this file and found only root has access to change it.

    -rw-r--r-- 1 root root 656 2009-01-10 23:35 fstab

    To my surprise, I am able to access, modify or delete any file in the system through this LiveCD login (as user 'Ubuntu') without any access restriction !!!

    Is this normal behaviour ? If yes, I find it as a security breach as one can access any system if armed with a LiveCD ???

    Excuse me if this question is naive, I am a newbie to Ubuntu

  2. #2
    Join Date
    Apr 2007
    Beans
    617
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: LiveCD login sudo access allows security breach ?

    no computer is safe if you can actually get to the physical machine

    Quote Originally Posted by yyoor View Post
    I have Ubuntu Intrepid installed in my desktop. While tweaking the /etc/fstab file for performance, I screwed up something and hence could not login to the Graphical Interface on reboot. I tried the Ubuntu LiveCD to access the system ( using the View Ubuntu without installing option) . I opened the terminal, entered the following command:

    # sudo nano /media/disk-1/etc/fstab

    Changed the file and saved. System did not ask for a password anytime. I checked the file permissions for this file and found only root has access to change it.

    -rw-r--r-- 1 root root 656 2009-01-10 23:35 fstab

    To my surprise, I am able to access, modify or delete any file in the system through this LiveCD login (as user 'Ubuntu') without any access restriction !!!

    Is this normal behaviour ? If yes, I find it as a security breach as one can access any system if armed with a LiveCD ???

    Excuse me if this question is naive, I am a newbie to Ubuntu

  3. #3
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: LiveCD login sudo access allows security breach ?

    Quote Originally Posted by yyoor View Post
    Is this normal behaviour ?
    Quote Originally Posted by yyoor View Post
    If yes, I find it as a security breach as one can access any system if armed with a LiveCD ???
    You find it as a security breach... most people don't (including me)...

    If you want to protect yourself against physical access, use encryption.

    Quote Originally Posted by yyoor View Post
    Excuse me if this question is naive, I am a newbie to Ubuntu
    Same applies for windows... by default anyone who has physical access can read all your data... it's nothing different here...

  4. #4
    Join Date
    Dec 2004
    Location
    Winter Garden, FL - USA
    Beans
    129
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: LiveCD login sudo access allows security breach ?

    Yes, this is normal behavior.

    You have booted into the LiveCD and mounted the hard disk. Then using sudo (which provides root access) you have modified a file on the mounted system.

    This is normal. You need root access to mount filesystems and perform other tasks, even in the live CD. As it was said before, you will need to take additional measures on your system if you are concerned that just anyone with a live CD can access/modify/copy/delete files on your harddrive.

  5. #5
    Join Date
    Feb 2007
    Location
    New Zealand
    Beans
    232
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: LiveCD login sudo access allows security breach ?

    In the spirit of
    ***Locks keep honest people out***

    you could change your bios not to allow the system to boot from media other than your hard-drive and password your bios so that it requires the password every time you boot.

    Yes I know their are plenty of ways to reset the bios password but.. If it makes you sleep better at night do it.
    Windows XP is like an 8" FDD, kept for compatibility but is no longer required.
    www.linux-books.us/ Free Linux books a great source of information viewable . in PDF
    Ubuntu User 23555

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •