Burton M. Strauss III wrote:
You can't ... well, the grub password may prevent the trivial case, but ifHere are the things to do--
you have physical access to the hardware, you have the keys to the universe.
(What would stop Mr/Ms Cracker from bring his/her OWN grub floppy?)
-----Burton
-----Original Message-----
From: camthompson [mailto:[EMAIL PROTECTED]]
Sent: Saturday, January 25, 2003 12:45 AM
To: [EMAIL PROTECTED]
Subject: security scenario
consider this (I'm trying to make a network more secure) :
A user enters grub upon bootup and hits "e" to edit the Linux boot
procedure and then continues to boot into single user mode, and he then
chagnes the root password to whatever he suits.... the user who did this
is eventually tracked down and taken care of.
Now, how would I prevent this from happening in future instances?
1) Password protect GRUB
2) Disable booting from floppies/cdroms in BIOS.
3) Password protect BIOS
4) Padlock case shut.
This is assuming this is a workstation. For a server, please lock it in a room >:-)
