Root! Root! Root!

devaude ulist at gs1.ubuntuforums.org
Sat Aug 27 07:13:06 UTC 2005


Hi,



the thing with the Grub Password or the BIOS password is not really
secure...

I will show you another scenario...

I have a notebook with a crypto filesystem. During the boot you have to
enter the Passphrase of the Crypto Device. I you enter a wrong passwd
fsck fails on this system an the checkfs script does a sulogin (without
passwd). So you see, even if you protected the boot loader, that it can
only load the default system without passwd, I have only to type a
wrong passphrase for crypto device and I am root and the fun begins.. 
:roll: 

What can I do to avoid this bad situation??



Regards

Devaude


-- 
devaude




More information about the ubuntu-users mailing list