Re: Root password security

To: debian-user <debian-user@lists.debian.org>
Subject: Re: Root password security
From: "Stephen J. Carpenter" <sjc@delphi.com>
Date: Thu, 15 Oct 1998 15:50:17 -0400
Message-id: <[🔎] 19981015155017.B8984@lenny.mgh.harvard.edu>
Mail-followup-to: debian-user <debian-user@lists.debian.org>
In-reply-to: <[🔎] Pine.LNX.3.96.981015153142.17948B-100000@oi.8i8.net>; from Thomas Lakofski on Thu, Oct 15, 1998 at 03:36:13PM +0000
References: <[🔎] 3625F7F4.50BB302@singnet.com.sg> <[🔎] Pine.LNX.3.96.981015153142.17948B-100000@oi.8i8.net>

On Thu, Oct 15, 1998 at 03:36:13PM +0000, Thomas Lakofski wrote:
> Physical security of the box in question is the only real measure you can
> take (lock it in a box).  Failing this, get a machine (some newer Compaq
> workstations have this) that lets you restrict floppy booting with BIOS
> and has a software case-lock.
> 
> It's hard to suggest any other measures other than physical security -- if
> you take out the floppy, someone can always put one in... but you may be
> able to work out something relatively simple which involves locking the
> case closed with a strong lock and then setting the BIOS to boot from hard
> disk first.

Well...you could damage the motherboard FDD controller...but that 
seems extreme :)

Could do that then wire the case with explosives...or a big electro magnet...

Short of setting up a system out of a James Bond Movie...
what about a cryptographic file system? I believe there are 
patches for such a thing...

afterall...if they can use a boot disk and read/write the drive (ie to 
wipe the root password) then they can do anything else too...

-Steve

Reply to:

References:
- Root password security
  - From: ZS Choy <ccy1008@singnet.com.sg>
- Re: Root password security
  - From: Thomas Lakofski <tommy@8i8.net>

Prev by Date: StarOffice -or- Applixware 4.4.1
Next by Date: Re: StarOffice -or- Applixware 4.4.1
Previous by thread: Re: Root password security
Next by thread: GNOME apps error
Index(es):
- Date
- Thread