On Fri, 2003-09-05 at 09:57, Jesse Keating wrote: > On Friday 05 September 2003 09:45, Clemens von Musil wrote: > > Since I am quite new into Linux, I perhaps have a stupid question... > > > > I played with /etc/pam.d/system-auth last week and evidently disabled > > all authentication methods... su didn't work and system login was > > impossible. > > > > I booted from the RedHat CD and found myself loged in as root without > > any given password and could repair the system.auth file. > > My question are: > > > > - How is this possible? > > - How works the described "CD-login" login? > > - And ... is anyone, armed with a RedHat CD, able to open any Linux > > system? > > You have booted a rescue CD that has been able to mount your root file > system, and chrooted you into it. This does bypass the authentication > processes. This is good/bad. If it didn't, you could effectively > damage your authentication methods, and leave you locked out of your > own system for good. > > Honestly, anybody that has physical access to your system, and is > capable of booting from anything other than your harddrive has access > to your system. If this is too insecure for you, A) set a bios > password to keep people from changing boot options (still overrideable > if the person has physical access to clear bios settings), and B) set a > grub password to keep anybody from entering single user mode which also > lets you into the system bypassing authentication methods. > ----- of if they can remove the hard drive from the case... Craig -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
