Page 2 of 32 FirstFirst 123412 ... LastLast
Results 11 to 20 of 315

Thread: Physical access is root access

  1. #11
    Join Date
    Sep 2007
    Beans
    75

    Re: root shell without username and password!!!

    Here are some other tips though:

    • Set a BIOS password.
    • Disable booting from anything other than the HDD.
    • Enable a HDD password if your BIOS supports it, this offers marginally better security than the BIOS password.
    • Set a root password that is different from your other passwords using sudo passwd.
    • Set a GRUB password.
    • Hope that someone doesn't come up to the machine with a screwdriver, because you're hosed if they do.

  2. #12
    Join Date
    Jul 2007
    Location
    Norway
    Beans
    83
    Distro
    Ubuntu 8.04 Hardy Heron

    Recovery mode means root access without password?

    Why am I able to start Recovery mode and logging in as root without even getting prompted for password? I feel this is insanly unsafe to have on a computer, but why?

  3. #13
    Join Date
    Apr 2006
    Beans
    313

    Re: Recovery mode means root access without password?

    Quote Originally Posted by frodemt View Post
    Why am I able to start Recovery mode and logging in as root without even getting prompted for password? I feel this is insanly unsafe to have on a computer, but why?
    I don;t know why, but follow the link in my signature to close that hole.
    If the advice you're given in this forum solves your issue, please mark the post as [SOLVED] in consideration to others.
    Registered Linux User: 448689 | How To: Secure the GRUB Boot Loader
    [ Acer Aspire 5535 | Arch Linux x86_64 | Compiz WM ]

  4. #14
    Join Date
    Jul 2007
    Location
    Norway
    Beans
    83
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Recovery mode means root access without password?

    Good guide you have there munkyeetr. I hope that this issue is adressed and taken seriously by Ubuntu developers. Right now I use BIOS password on my desktop and my laptop, but no password on my server. I wont have direct access to that server before june, so it will be open to attack until then.

  5. #15
    Join Date
    Apr 2005
    Location
    Finland/UK
    Beans
    Hidden!
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Recovery mode means root access without password?

    It doesn't really make any difference security-wise, but makes fixing some possible problem situations a lot easier.

    The recovery mode requires physical access to the computer, and when somebody has that your security is already completely gone (unless you use encrypted file system or something).

    When somebody has physical access to the machine he can access all your files by just popping in some live-CD and booting the machine with that and then mounting your disks from there.

    BIOS passwords are pretty much useless as clearing them takes less than 30 seconds to do. Actually most new motherboards have a button or jumper for clearing CMOS settings, but if there is none simply removing the CMOS battery and cutting power from the machine for 15 minutes will do the trick.

    Grub password is a bit better, but the live-CD way still works just as easily as with no password.

    And last, if everything else fails, it's still possible to just open the case and take the hard disk out & move it to another machine and access your files that way.

    If you want to secure your machine, the first rule is to keep everybody you can't trust away from the computer. If you can't do that, then disable booting from CD's and external drives in BIOS (or, even better, remove the drive completely), set BIOS password and GRUB password, lock the case and make sure nobody has enough time alone with the machine to break the lock.

  6. #16
    Join Date
    Mar 2008
    Location
    Earth
    Beans
    Hidden!
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: Recovery mode means root access without password?

    Good post mcduck.

    If you are a paranoid type - you could always go for full disk encryption. Complicates matters if you lose your keys but at least it is safe.

  7. #17
    Join Date
    May 2007
    Beans
    7,032
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Recovery mode means root access without password?

    Just to reiterate what mcduck said:

    A password-locked single-user mode isn't going to make the tiniest bit of difference to any serious attacker.
    I am aware of all internet traditions. | Getting the best help | Text formatting codes | My last.fm profile
    Should I PM support questions? NO!

  8. #18
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Recovery mode means root access without password?

    Quote Originally Posted by p_quarles View Post
    Just to reiterate what mcduck said:

    A password-locked single-user mode isn't going to make the tiniest bit of difference to any serious attacker.
    Especially one who has physical access to your computer.

  9. #19
    Join Date
    Apr 2006
    Beans
    313

    Re: Recovery mode means root access without password?

    It's still a hole that doesn't need to be there.
    If the advice you're given in this forum solves your issue, please mark the post as [SOLVED] in consideration to others.
    Registered Linux User: 448689 | How To: Secure the GRUB Boot Loader
    [ Acer Aspire 5535 | Arch Linux x86_64 | Compiz WM ]

  10. #20
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Recovery mode means root access without password?

    Quote Originally Posted by munkyeetr View Post
    It's still a hole that doesn't need to be there.
    No, it's not.

    It's a way to rescue your system--that's why it's called recovery mode.

    Perhaps it bears repeating--giving someone with a bit of technological knowledge physical access to your system is giving that person root access, whether recovery mode is a boot menu option or not, or passworded or not.

    Mac OS X has this, too. If you press Cmd-S during boot-up, you boot into single-user mode, which is basically recovery mode.

    If you want your data secure, don't give people physical access to your computer, and do encrypt your data. Otherwise, all you're getting is the illusion of security, like when my dad thought his fingerprint authentication on his IBM Thinkpad was so clever, and all I did was boot a Knoppix live CD on it and could see all his files--he was outraged that the "security" could be so easily bypassed. I had physical access to his laptop and thus had root access.

Page 2 of 32 FirstFirst 123412 ... LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •