Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


huuh? | 17 comments | Create New Account
Click here to return to the 'huuh?' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
huuh?
Authored by: charon on Mar 31, '02 10:38:23PM
No, it is not. I know SCO OpenServer5, which is a Unix system that can be installed according to different safety standards (with C2 = 'military grad' as the highest safety level). Even on the lowest (traditional Unix) safety level, it is not possible to boot SCO5 in single user mode and get to a shell without entering the root password. AFAIK, Linux and other Unix systems behave this way. If not, breaching system security (worse) undetected (much worser!!!) would be very, very easy. While it is always possible to break system security when you have physical access to a server, on SCO5 you have to remove the disk array and mount it on a different system. In this case, a security breach can be at least detected (missing drives; broken drive hatches, if locked; ..).* If booting into single user mode gives you some or all root privileges without root password, an attacker would simply install a backdoor mechanism to the system, which might be very difficult to detect. No need to change the root password or remove disks.. IMHO if you "lose" the root password and there is a way to get it "back" (reseting or changing it) without having to reinstall the system from ground up, the system is not trustworthy in terms of security.. Just my $0.02 *) You can prevent that stolen disks are "useful" for thieves, if you encrypt the filesystem (don't know, if this is possible on OS X).

[ Reply to This | # ]