System security and physical access.

James Wilkinson james at westexe.demon.co.uk
Wed Sep 29 23:52:44 UTC 2004


Marc Adler wrote:
> I have Explore2fs on the WinXP side, so I can access all parts of the
> Linux partition on my system. (Boy, that application makes a joke of
> security, doesn't it?)

Not really. It makes obvious what is already known: if someone has
physical access to a machine, they have a huge amount of power. If
they want, they can even replace the hard drive, or take a byte-by-
byte copy and analyse it later.

Likewise, if they have suitable privileges on another OS on the same
machine [1], they can get raw access to any drive on the machine.

There are really only three answers to this:

 * Don't let anyone untrusted have physical access to sensitive
   computers.

 * On multi-boot machines, you need to keep security tight for ALL OSes.

 * Encrypt sensitive data, and ensure that the key is not stored on the
   computer. This probably also implies having encrypted swap.

I'm sorry I can't help you with your main problem: I don't know 
Partition Commander. It's possible that Partition Commander has made
unwarranted assumptions: it sees grub the package, and assumes you'll
want to use it to boot.

James.

[1] Barring virtualisation sotware and hardware, and the limits they
may apply.

-- 
E-mail address: james | Let He who Taketh the Plunge
@westexe.demon.co.uk  | Remember to Return it by Tuesday.




More information about the fedora-list mailing list