Mat Branyon <[EMAIL PROTECTED]> writes: and a BIOS password can be bypassed as well. (remove the hard drive. reset the BIOS) better to just protect rom physical intrusion unless your "threat model" is a relatively unskilled/unkowledgable attacker that would be easily thwarted by a grub/lilo password.
> That being the case, a BIOS password would be needed as well. I could > always pop in a knoppix cd and steal john's computer data ;) > > --mat > > On Fri, 2003-09-19 at 11:36, Kevin Bucknum wrote: >> > >> >Is there a way to stop someone with physical access to the box >> >from booting >> >into single user mode and changing the root password? I'm not >> >interested in >> >solutions that require setting a boot or poweron password in >> >the BIOS. I'd >> >like something that could be done in the Linux kernel, so as >> >to apply to >> >multiple platforms. >> >> Both Grub and Lilo have password options to prevent access. Downside is if >> the machine has to reboot due to power issues someone will have to be at he >> console. If the machine has bootable removable media then nothing will >> prevent it however. >> >> _______________________________________________ >> General mailing list >> [email protected] >> http://brlug.net/mailman/listinfo/general_brlug.net >> > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net -- Scott Harney<[EMAIL PROTECTED]> "...and one script to rule them all." gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5
