securing an Ubuntu box in a shared office?
Florian Diesch
diesch at spamfence.net
Sat Jul 8 02:44:06 UTC 2006
Eric Hanchrow <offby1 at blarg.net> wrote:
>>>>>> "Anonyma" == Anonyma <anon-bounces at deuxpi.ca> writes:
>
> Anonyma> I know that anyone who can get into a computer can make
> Anonyma> it insecure (by putting the hard drive in another machine
>
> Encrypting the hard drive should protect against that. Look at the
> "encfs" package.
>
> Anonyma> 1. set a BIOS password
>
> I suspect that doesn't really protect against anything.
It protects against an attacker changing your boot device order to boot
from some removable media.
> Anonyma> 2. set a GRUB password so no-one else can boot it into
> Anonyma> single-user mode
>
> Ditto -- if they might take out your hard disk, then you gain little
> by preventing them from logging in as root.
At least they *have to* take out the hard disk which is much more
difficult and conspicuous than just rebooting.
> Anyhow, doesn't booting single-user demand a password anyway?
Using the "init=/bin/bash" kernel parameter doesn't.
Florian
--
<http://www.florian-diesch.de/>
More information about the ubuntu-users
mailing list