|
|
huuh?
No, it is not. I know SCO OpenServer5, which is a Unix system that can be installed according to different safety standards (with C2 = 'military grad' as the highest safety level).
Even on the lowest (traditional Unix) safety level, it is not possible to boot SCO5 in single user mode and get to a shell without entering the root password. AFAIK, Linux and other Unix systems behave this way. If not, breaching system security (worse) undetected (much worser!!!) would be very, very easy.
While it is always possible to break system security when you have physical access to a server, on SCO5 you have to remove the disk array and mount it on a different system. In this case, a security breach can be at least detected (missing drives; broken drive hatches, if locked; ..).*
If booting into single user mode gives you some or all root privileges without root password, an attacker would simply install a backdoor mechanism to the system, which might be very difficult to detect. No need to change the root password or remove disks..
IMHO if you "lose" the root password and there is a way to get it "back" (reseting or changing it) without having to reinstall the system from ground up, the system is not trustworthy in terms of security..
Just my $0.02
*) You can prevent that stolen disks are "useful" for thieves, if you encrypt the filesystem (don't know, if this is possible on OS X).
|
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.14 seconds |
|