Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Completely standard' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Completely standard
Authored by: Anonymous on Dec 19, '00 08:49:40PM

This is a standard feature of all unix implementations, as it should be. There is essentially no way of securing a
computer against someone with physical access to it; at the very most, you may introduce the inconvenience of
removing the hard drive from your machine and mounting it on some other computer which they already control.

Given that you cannot trust any computer, running any existing operating system, to be safe against an attacker
with physical access, this really is a feature, and not a bug.



[ Reply to This | # ]
Different, though, for Mac OS users!
Authored by: robg on Dec 19, '00 09:15:07PM

I guess I just need to start thinking that way (that it's normal). My first thought was "geez,
someone could steal all my data files." Well, of course they can do that under 9.0 as well,
and I never worried about it there!

I was also considering how will I get back into the machine if this were to happen ... guess
that's simple; just repeat the process!

It is indeed a brave new world for the longtime Mac OS crowd - and it's quite interesting!



[ Reply to This | # ]
huuh?
Authored by: charon on Mar 31, '02 10:38:23PM
No, it is not. I know SCO OpenServer5, which is a Unix system that can be installed according to different safety standards (with C2 = 'military grad' as the highest safety level). Even on the lowest (traditional Unix) safety level, it is not possible to boot SCO5 in single user mode and get to a shell without entering the root password. AFAIK, Linux and other Unix systems behave this way. If not, breaching system security (worse) undetected (much worser!!!) would be very, very easy. While it is always possible to break system security when you have physical access to a server, on SCO5 you have to remove the disk array and mount it on a different system. In this case, a security breach can be at least detected (missing drives; broken drive hatches, if locked; ..).* If booting into single user mode gives you some or all root privileges without root password, an attacker would simply install a backdoor mechanism to the system, which might be very difficult to detect. No need to change the root password or remove disks.. IMHO if you "lose" the root password and there is a way to get it "back" (reseting or changing it) without having to reinstall the system from ground up, the system is not trustworthy in terms of security.. Just my $0.02 *) You can prevent that stolen disks are "useful" for thieves, if you encrypt the filesystem (don't know, if this is possible on OS X).

[ Reply to This | # ]
Help on commands
Authored by: shadowmyst on Jul 29, '04 09:58:08PM

i am running 10.3.4 and i did not do the initial installation on this machine.. I have an account with admin rights.. but as far as root i dont know the password.. when i try the above steps it a doesnt go to localhost% is goes to root# when i enter the commands as stated it mounts the drive successfully and it also initializes through the SystemStartup then on the passwd root it just drops the carrier down and provides no information to enter the new password or any errors.. just allow to type continuously until hitting ctrl-c at which you return to the prompt.. please help



[ Reply to This | # ]