[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Security risks?



On Fri, 18 May 2007 18:59:22 +0200
Daniel Baumann <daniel at debian.org> wrote:

> neuhoff at mhccorp.com wrote:
> > Is this really a secure setup?
> 
> no :)

True.  But it's not as bad as it might at first appear.  You can't login
remotely to a livecd system.  And even if you were to start an ssh server,
you wouldn't be able to login to an account with no password set on it.
Basically, anyone with physical access to the machine would have root on
it unless the livecd contains software that is remotely exploitable, and
if that's the case, you have bigger problems than just not requiring a
password for sudo.

Ben
--
 ,-.  nSLUG    http://www.nslug.ns.ca   synrg at sanctuary.nslug.ns.ca
 \`'  Debian   http://www.debian.org    synrg at debian.org
  `          [ gpg 395C F3A4 35D3 D247 1387 2D9E 5A94 F3CA 0B27 13C8 ]
             [ pgp 7F DA 09 4B BA 2C 0D E0 1B B1 31 ED C6 A9 39 4F ]



Reply to: