Re: Comments on security, Re: recover lost root password

To: debian-user@lists.debian.org
Subject: Re: Comments on security, Re: recover lost root password
From: Frank Gevaerts <frank@gevaerts.be>
Date: Sun, 9 Mar 2003 11:23:52 +0100
Message-id: <[🔎] 20030309102351.GA18371@gevaerts.be>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20030309094604.16176.qmail@web8102.in.yahoo.com>
References: <[🔎] 20030309011542.GB9785@wacka.mjr.org> <[🔎] 20030309094604.16176.qmail@web8102.in.yahoo.com>

On Sun, Mar 09, 2003 at 09:46:03AM +0000, Satish Iyer wrote:
> Hi,
>    I am new user of Debian Gnu/Linux. I have
> successfully setup and started using the system (my
> understanding and knowledge grows day by day).
> To my current understanding security seems to be a
> major drawback of gnu/linux systems.(How else can you
> explain such gaping holes?).

_Ayy_ computer system that does not encrypt everything is vulnerable
once you have access to the computer itself. 

> I am also inherently suspicious of anything that goes
> by "free" (Please try to convince me otherwise).
> As I see it an adminstrator has his task cut out for
> him to ensure the security and confidentiality of the
> organization. (Gnu/Linux doesn't make things easy in
> this crucial aspect!). 

The first thing to do is to put a lock on the server room door. If this
is not possible, there's little a system administrator can do.

Frank

> Is there a gnu/linux community concerned with these
> issues?
> Regards,
> Satish
>  --- Hugh Saunders <hugh@mjr.org> wrote: > On Sat, Mar
> 08, 2003 at 04:41:36PM -0800, Carla
> > Schroder wrote:
> > > Well here's a good one, is there a way to get into
> > a system when
> > > you've lost the root password? Without a CD or
> > boot floppy? Used to be
> > > you could pass in "init=/bin/sh" from LILO, and
> > work some /etc/shadow
> > > magic. (like copy the hashed root password from a
> > different system)
> > > But GRUB is different...
> > I just tried that from GRUB [selected the menu item
> > hit 'e' to edit on
> > the kernel line appened init=/bin/sh then 'b' to
> > boot] hey-presto no
> > flippin password needed! and there was me thinking
> > my laptop was almost
> > secure!!
> > 
> > how can i prevent this from working? 
> > [apart from bios password]
> > 
> > hugh
> > 
> > 
> > -- 
> > To UNSUBSCRIBE, email to
> > debian-user-request@lists.debian.org 
> > with a subject of "unsubscribe". Trouble? Contact
> > listmaster@lists.debian.org
> >  
> 
> ________________________________________________________________________
> Missed your favourite TV serial last night? Try the new, Yahoo! TV.
>        visit http://in.tv.yahoo.com
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: recover lost root password
  - From: Hugh Saunders <hugh@mjr.org>
- Comments on security, Re: recover lost root password
  - From: Satish Iyer <satish_tech2001@yahoo.co.in>

Prev by Date: Re: Comments on security, Re: recover lost root password
Next by Date: Re: Howto find the Agfa SnapScan 1212p
Previous by thread: Re: Comments on security, Re: recover lost root password
Next by thread: Re: Comments on security, Re: recover lost root password
Index(es):
- Date
- Thread