Re: Small security option

From: Richard B. Johnson
Date: Thu Sep 18 2003 - 06:17:37 EST

Next message: Stephan von Krawczynski: "Re: experiences beyond 4 GB RAM with 2.4.22"
Previous message: Thomas Winischhofer: "Re: PCI (USB) problem on a laptop"
In reply to: bert hubert: "Re: Small security option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 17 Sep 2003, John R Moser wrote:

> Why wasn't this done in the first place anyway?
>
> Some sysadmins like to disable the other boot devices and password-protect
> the bios. Good, but if the person can pass init=, you're screwed.
>
> Here's a small patch that does a very simple thing: Disables "init=" and
> using /bin/sh for init. That'll stop people from rooting the box from grub.
>
> The file is attatched.

No. I can still boot your box, mount your root file-system, and
change the root password, all without you even knowing it.
If I have physical control of a computer, I own it. I can
do anything I want with it. If you could really prevent
somebody from "breaking in", then you can never sell it and
you are screwed if the password file gets corrupt (you would have
to throw everything away).

This patch is not useful.

Cheers,
Dick Johnson
Penguin : Linux version 2.4.22 on an i686 machine (794.73 BogoMips).
Note 96.31% of all statistics are fiction.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stephan von Krawczynski: "Re: experiences beyond 4 GB RAM with 2.4.22"
Previous message: Thomas Winischhofer: "Re: PCI (USB) problem on a laptop"
In reply to: bert hubert: "Re: Small security option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]