Re: "forgotten" root password
If you encrypt the drive they'll have to know the passphrase to unlock the drive to do anything.
Even dropping to a root shell via grub requires the disk to be unlocked. It's the best protection you have against physical access. All other methods can be bypassed rather easily.
edit: Flashing cmos will clear bios password, you then config it to boot of a cd, boot into live cd environment, remove the password on grubs menu.lst, reboot and drop to a root shell, install a rootkit and your done. With an encrypted hard drive the farthest they can get is removing the grub password (/boot remains unencrypted)
Last edited by jerome1232; October 4th, 2008 at 06:05 PM.
"You can't expect to hold supreme executive power just because some watery tart lobbed a sword at you"
"Don't let your mind wander -- it's too little to be let out alone."
Bookmarks