Hey, was just reading up on changing password complexity and I stumbled upon this:
https://help.ubuntu.com/11.04/ubuntu...npassword.html
Isn't that a big security risk? Assuming someone gets a hold of the physical box/laptop?
Hey, was just reading up on changing password complexity and I stumbled upon this:
https://help.ubuntu.com/11.04/ubuntu...npassword.html
Isn't that a big security risk? Assuming someone gets a hold of the physical box/laptop?
physical access is root access for any system.
If someone gets hold of your safe they will eventually get into it
If it wasnt the way it was it would only take the time it takes to boot to a live CD to get access to data and change passwwords anyways (unless encryption is used of course)
Peace
Backtrack - Giving machine guns to monkeys since 2006
Kali-Linux - Adding a grenade launcher to the machine guns since 2013
Welcome to the forums!
If someone has physical possession of your computer, and your data is unencrypted, then all of your data is theirs.
Requiring a password for recovery mode would create a false sense of security (locking the window when the door is wide open), and makes it more complicated to perform legitimate system admin tasks (such as recovering after a lost password).
Firstly, there has to be some way to get into the box if you forget your password. There is such a thing as too stringent security measures.
Secondly, if someone gets physical acces to the box, there are more ways than that to do dastardly things to it. Booting from a CD is just one.
Michael
Physical access is the mother of all security issues.
Please read The Forum Rules and The Forum Posting Guidelines
A thing discovered and kept to oneself must be discovered time and again by others. A thing discovered and shared with others need be discovered only the once.
This universe is crazy. I'm going back to my own.
Bookmarks