Re: crypting a whole filesystem or directory?
>>> linux (unix) is a quite secure system. But if somebody can get directly
>>> to the server-computer, then it is easy to reboot computer to dos with a
>>> boot disk, and use 2e-filesystem tools to get all files they want, like
>>> shadowed password file, or any other only root-readable files.
>> It can be done much easier, just put the linux boot disk (from any
>> distribution) into the floppy, reboot the system, then mount
>> the hard disk from the root's shell and the whole HD is yours without
>> using any other OS !!!
>You can avoid this on many computers by disabling the "boot from floppy"
>option in the BIOS and protect your BIOS by a password. Most recent PCs
>moreover have the option for a special boot password in their BIOS to
>prevent booting by unauthorized persons at all. However this does not
>help if someone will takeoff the hard-disk from your server.
Or, just short the jumper to clear the CMOS out. Then, just re-autodetect
everything and you're set to go.
Short of encrypting the filesystem itself, I have yet to find a way to
secure things under Linux.... But if anyone has any ideas, I'd be *more*
than glad to hear them....
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to email@example.com .