Security hole

[Antonio Olivares]

--- Thomas Cameron <thomas.cameron at camerontech.com>
wrote:

> On Fri, 2005-12-09 at 13:58 +0000, Paul Smith wrote:
> > Dear All
> > 
> > I have noticed that from SLAX liveCD, one has
> total and free access to
> > the home partition of all Linux (Fedora) accounts
> in the hard-disk of
> > the computer. In this way, with a SLAX disk,
> everyone can spy all
> > accounts in the hard-disk. How can this be
> prevented?
> 
> If someone has physical access to your machine, they
> own your machine.
> Period.  If they can boot off a CD, they own your
> machine.
> 
> You can do some stuff like make it so your computer
> won't boot off CD,
> and then password protect the BIOS.  That comes
> closer.  But if someone
> can lay hands on your machine, all they need to do
> is pop the drive and
> they own your data.
> 
> TC
> 
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe:
> https://www.redhat.com/mailman/listinfo/fedora-list
> 

Paul,
   Did you install LVM automatically from within
Anaconda?  Because if you did, Slax, Knoppix, Kanotix
or any other livecd out there can detect the
partitions but not access them except the /boot
partition where grub resides and you can make minor
corrections.  I also use SLAX and have tried to view
the partitions and it only allows me to view /boot
partition /dev/hda1 which is mounted on /mnt/hda1. 
Kanotix see's all the partitions but is very selective
as to allow read/write, by default the partitions are
not mounted and one has the option to open read only
or read/write.

My guess is that you do not have LVM partitions. 
Otherwise Slax cannot access them except for boot
partition.

Best Regards,

Antonio


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com