
Thread: Physical access is root access

  1. #21
    Join Date
    Apr 2006
    Beans
    313

    Re: Recovery mode means root access without password?

    Granted, someone with physical access and enough time can get by any security, or they could just remove the hard drive as has been stated, but...

    At least with it password protected you are requiring someone to use a LiveCD (or similar boot method, which you can slow down by using a BIOS password)

    At least with it password protected you are requiring more work and more time as opposed to less than 2 minutes it would take to reboot into recovery mode and run rm -rf /. I would be more worried about someone who wanted to quickly come in and wreck something, than someone who has hours to work at it. They are more likely to do damage just for damage's sake. Someone who has hours, has time to dismantle your security and there isn't much you can do about that. With this hole there is something you can do about it.

    And I don't know how you can say that providing root access without authentication of any kind isn't a hole? No matter how remote the chance, it is an opening, thus a hole in an otherwise secure system.

    Suppose you had an internet cafe style setup with a dozen machines. You'd want to secure this up then wouldn't you?

    You guys seem to really be taking offense to someone talking about this, or even questioning it.
    If the advice you're given in this forum solves your issue, please mark the post as [SOLVED] in consideration to others.
    Registered Linux User: 448689 | How To: Secure the GRUB Boot Loader
    [ Acer Aspire 5535 | Arch Linux x86_64 | Compiz WM ]

  2. #22
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Recovery mode means root access without password?

    It's a simple difference of opinion as to what should be the default.

    Ubuntu is not requiring that you not slow people down. It's just not defaulting to slowing down. If you have an internet cafe, you probably have the machines locked down behind a door in the desk, anyway, but you always have the option to add a root password, set a password in the BIOS, or implement other slow-down mechanisms. Ubuntu certainly cannot do anything about your BIOS.

    In all honesty, I prefer the Apple approach to it. Don't have it simply be a menu item you can accidentally select, but make it some key combination you have to hold down to get into. This isn't for security reasons but usability ones. If a new user not familiar with the command-line happens to accidentally select recovery mode, she'll just be stuck at a root-privileged command-line with no idea what to type.

  3. #23
    Join Date
    Apr 2006
    Beans
    313

    Re: Recovery mode means root access without password?

    And I personally think it should be secured by default, but like you say it's a difference in opinion.

    We can agree to disagree...for now! LOL.

  4. #24
    Join Date
    Apr 2007
    Location
    Bangalore
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Recovery mode means root access without password?

    Originally Posted by aysiu:
    No, it's not.

    It's a way to rescue your system--that's why it's called recovery mode.

    Perhaps it bears repeating--giving someone with a bit of technological knowledge physical access to your system is giving that person root access, whether recovery mode is a boot menu option or not, or passworded or not.

    Mac OS X has this, too. If you press Cmd-S during boot-up, you boot into single-user mode, which is basically recovery mode.

    If you want your data secure, don't give people physical access to your computer, and do encrypt your data. Otherwise, all you're getting is the illusion of security, like when my dad thought his fingerprint authentication on his IBM Thinkpad was so clever, and all I did was boot a Knoppix live CD on it and could see all his files--he was outraged that the "security" could be so easily bypassed. I had physical access to his laptop and thus had root access.
    I too agree with this.. Nice post and a detailed explanation..

    Only if one has physical access to the system then it's possible.. But Grub can always be protected with a password...

  5. #25
    Join Date
    May 2007
    Beans
    7,032
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Recovery mode means root access without password?

    Originally Posted by bhavi:
    Only if one has physical access to the system then it's possible.. But Grub can always be protected with a password...
    That is no more effective than a fingerprint reader. Booting from a removable disk will skip the hard disk's bootloader completely.
    I am aware of all internet traditions. | Getting the best help | Text formatting codes | My last.fm profile
    Should I PM support questions? NO!

  6. #26
    Join Date
    Apr 2007
    Location
    Bangalore
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Recovery mode means root access without password?

    Originally Posted by p_quarles:
    That is no more effective than a fingerprint reader. Booting from a removable disk will skip the hard disk's bootloader completely.
    Yes... I know... but there is no way to stop social engineering and one gaining physical access to a system.. Only user awareness is the way out I think...

  7. #27
    Join Date
    May 2007
    Location
    Phoenix,AZ
    Beans
    Hidden!
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: Recovery mode means root access without password?

    This is why physical security is so important. Even a BIOS password is easy to get around. The lesson here is to prevent physical access to the computer by unauthorized users.

    If you want to safeguard it in the case it gets lost or stolen then you could encrypt the drive. This is why companies are now enforcing whole disk encryption on all devices that leave the building and lose their physical security layer. Hard drive encryption is just a good idea anyway and should have been a standard on end user computing devices a long time ago.

  8. #28
    Join Date
    May 2005
    Location
    indonesia
    Beans
    149
    Distro
    Ubuntu 7.04 Feisty Fawn

    Re: Recovery mode means root access without password?

    The way I see it is that security is based on need. The Internet cafe people like me lock the PC in the drawer for security reasons. It prevents kleptomaniacs from stealing the PC or any part of it. But when it comes to the system, there's no secret in it, and if anyone managed to do some damage, it can always be restored.
    Not everyone needs to lock up their PC in a room with armed personnel guarding it 24/7, or encrypt their disks; it's just too impractical.
    I keep recovery mode coz it's very handy when I need it, mostly for fsck. I don't have a CD-ROM or floppy installed on every computer. And I do forget passwords. Recovery mode is a hole that is available when we can't enter from the other hole. But I consider removing it from menu.list when I have a Linux bootable USB flash drive, some day.
    Leaving a laptop unattended is as risky as leaving your home door open while you're away; you can only hope that your system is still running OK, or better yet, you can pray that your laptop is still there.

    Measure your security level and be happy with it. Remember that in your hands lies the safety of the world, or the safety of your family photos.

    BTW, I can't imagine someone would waste his time booting my PC, pressing Esc, waiting a while and typing sudo rm -rf.
    Last edited by BatsotO; March 24th, 2008 at 01:32 AM.

  9. #29
    Join Date
    Oct 2006
    Beans
    18

    Root access without password

    If I choose to start in terminal with safe mode (in the Grub menu) I have root access without asking me for a password.

    How can I change this?

    PS: Using Ubuntu 7.10

  10. #30
    Join Date
    May 2006
    Beans
    Hidden!

    Re: Root access without password

    I haven't tried, but I assume that if you set a root password you'll be prompted for the password.

    If you're root - "passwd root" otherwise "sudo passwd root"
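
An added example, not written by any poster in this thread: a small audit of the two mitigations the posts above mention, a GRUB password and a root password. It assumes the GRUB legacy `menu.lst` keywords (`password`, `title`, `kernel`, `lock`) and the `/etc/shadow` field layout; the function names and both sample inputs are constructed for illustration.

```python
# Added example; both sample inputs are constructed, not from a real machine.
SAMPLE_MENU_LST = """\
default 0
password --md5 $1$CONSTRUCTED$placeholderhash
title Ubuntu, kernel 2.6.22-14-generic
kernel /boot/vmlinuz-2.6.22-14-generic root=/dev/sda1 ro quiet splash
title Ubuntu, kernel 2.6.22-14-generic (recovery mode)
kernel /boot/vmlinuz-2.6.22-14-generic root=/dev/sda1 ro single
"""
SAMPLE_SHADOW_ROOT = "root:!:13800:0:99999:7:::"


def root_has_password(shadow_line):
    # Field 2 of /etc/shadow: empty, or starting with '!' or '*', means no usable hash.
    fields = shadow_line.strip().split(":")
    pw = fields[1] if len(fields) > 1 else ""
    return bool(pw) and not pw.startswith(("!", "*"))


def audit_menu_lst(text):
    # Returns (global_password_set, titles of single-user entries without 'lock').
    global_pw, unlocked = False, []
    entry = None  # current entry: [title, boots_single, has_lock]
    for raw in text.splitlines() + ["title <end>"]:  # sentinel flushes the last entry
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        word = parts[0].lower()
        rest = parts[1] if len(parts) > 1 else ""
        if word == "title":
            if entry and entry[1] and not entry[2]:
                unlocked.append(entry[0])
            entry = [rest.strip(), False, False]
        elif word == "password" and entry is None:
            global_pw = True  # set before the first title, so it applies to the menu
        elif word == "lock" and entry is not None:
            entry[2] = True
        elif word == "kernel" and entry is not None and "single" in rest.split():
            entry[1] = True
    return global_pw, unlocked


def recovery_exposed(menu_text, shadow_line):
    # Exposed when neither GRUB nor the root account asks for a secret.
    # (That a root password triggers a prompt is the assumption made in post #30.)
    global_pw, unlocked = audit_menu_lst(menu_text)
    grub_gate = global_pw and not unlocked
    return not grub_gate and not root_has_password(shadow_line)
```

On the constructed sample, `recovery_exposed(SAMPLE_MENU_LST, SAMPLE_SHADOW_ROOT)` reports the recovery entry as exposed, because a global GRUB password without `lock` on the entry still lets it boot unprompted and the root account has no usable hash.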
