-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 13-Jun-2002/17:50 -0400, Jon Gaudette <[EMAIL PROTECTED]> wrote: >This is great and all for in this case, when you forget your password, >but what about the security implications of this? Can't just "any ol' >user" do this and gain root privledges?
Yes, that's why you need to control physical access to the machine. LILO provides a way to password protect changes to the boot sequence. GRUB should have something similar. A person with physical access can do lots of things to the machine, including spilling a drink into it or opening it up and taking the hard disk. The possiblity that they might change the root password is just one of many possible risks. Tony - -- Anthony E. Greene <mailto:[EMAIL PROTECTED]> OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D AOL/Yahoo Chat: TonyG05 HomePage: <http://www.pobox.com/~agreene/> Linux: the choice of a GNU Generation. <http://www.linux.org/> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Anthony E. Greene 0x6C94239D <[EMAIL PROTECTED]> iD8DBQE9CRbEpCpg3WyUI50RAvdqAJ9OHgY04z453D/CiuQiIl2a7Qe/1QCfViJe OoK/vm92TyuMY11wLM6SU+M= =XaLb -----END PGP SIGNATURE----- _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
