Security hole
Jason L Tibbitts III
tibbs at math.uh.edu
Fri Dec 9 14:50:22 UTC 2005
>>>>> "PS" == Paul Smith <phhs80 at gmail.com> writes:
PS> I have noticed that from SLAX liveCD, one has total and
PS> free access to the home partition of all Linux (Fedora) accounts
PS> in the hard-disk of the computer.
If you can boot a machine with the media of your choice and that
machine doesn't require some soft of external input to access
encrypted data then you have free run of it. It doesn't really matter
what OS you're running on it. They could just as well pull out the
hard drive and access it at their leisure. If they have physical
access to a machine, they can do what they will. There's nothing
special about the SLAX CD or even Linux that allows this.
PS> In this way, with a SLAX disk, everyone can spy all accounts in
PS> the hard-disk. How can this be prevented?
The basic measure is to password protect the BIOS and disable booting
from anything but the hard drive. It is theoretically possible to
encrypt all of the drives and then either require user input or the
presence of some external device like a USB fob containing encryption
keys. Perhaps there's a more paranoid Linux distro out there which
supports this.
- J<
More information about the fedora-list
mailing list