yea, id also like to see how on earth Valdis calls this some kinda new 'root' problem... i dont see any problem with this, specially on THIS type of system.. intended to teach people how to use Linux.
On 19 November 2011 06:32, Olivier <[email protected]> wrote: > On 11/18/2011 03:10 PM, Dan Kaminsky wrote: >> >> >> On Fri, Nov 18, 2011 at 5:01 AM, <[email protected] >> <mailto:[email protected]>> wrote: >> >> On Thu, 17 Nov 2011 15:53:41 CST, C de-Avillez said: >> >> > There is no guest account on an Ubuntu server, so at least there >> > this is not a real/perceived risk. >> >> And nobody's *ever* installed the desktop version on a server >> because they didn't >> know any better, especially from Ubuntu's target audience. Gotcha. ;) >> >> >> OK, seriously. If you're sitting in front of a machine that's >> presenting you a login prompt, you've got enough privileges to insert a >> bootable USB/CD and pull all the data / make yourself an account >> (FDE/Bios PW notwithstanding). > > My disk is password protected, and the whole system (except /boot) is > encrypted. Ubuntu guest account is definitively the best way to hack a > running laptop (or workstation). > > -- > Olivier > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
