i admire knoppix' security. not only is there a great deal of security with the live cd (read only drives, no servers like ssh or apache running), also most of the "boot access is root access" security issues i was able to find information about are already fixed in my hd install. single user mode requires root to specify a password, init=/bin/bash causes kernel panic, linux.old is skipped when writing lilo to the mbr. however there is one thing i'd suggest for future releases of knoppix: if the root of a fresh knoppix install decides to use "password=topsecretpassword" in /etc/lilo.conf it will be visible to all users unless he chmods the file to 600. in future versions of knoppix that file should have 600 by default. after all especially since pc-welt and ct released knoppix with the recent issues of their magazines there will be more unexperienced linux users. hope i helped making knoppix even more secure than it already is :) regards --lasty
Attachment:
signature.asc
Description: This is a digitally signed message part