Re: Linux, BSD, and Unix are fundamentally insecure.

From: Dariusz Kuliński / TaKeDa (spam_goes_here_at_takeda.tk)
Date: 09/11/04

• Next message: Freeride: "Re: Linux, BSD, and Unix are fundamentally insecure."
• Previous message: Peter Matulis: "PPPoE and bridges"
• In reply to: Dave Uhring: "Re: Linux, BSD, and Unix are fundamentally insecure."
• Next in thread: Dave Uhring: "Re: Linux, BSD, and Unix are fundamentally insecure."
• Reply: Dave Uhring: "Re: Linux, BSD, and Unix are fundamentally insecure."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: Fri, 10 Sep 2004 20:45:49 -0700

On Fri, 10 Sep 2004 15:23:10 -0500, Dave Uhring wrote:

>> On 10 Sep 2004 11:38:39 -0700, Mike Cox wrote:
>>> Linux's/BSD's/Unix's flaw is that it allows people to boot from the
>>> boat loader into a shell without requiring the root password.
>> Ok so you gave example of badly configured Linux machine.
> The Linux loader, lilo, can be configured with a password. But that still
> would not stop some cracker from booting from CDROM, mounting / and
> removing root's password from /etc/shadow and /etc/lilo.conf, then
> re-running lilo.

It looks like you don't understand what I'm saying.

>> What about BSD and other Unixes which you're talking about?
> No such OS, including Windows, is immune to root compromise when some
> cracker has console access.

I don't know what do you mean by console, (I guess like most people you
assuming that access to console is equal with sitting next to the
computer).
Well that's not always true. For example I have my FreeBSD configured to
have console on serial cable, so console could be even in different room.
If I mark console as insecure, there is no way you could do anything
without knowing root password, because you don't have physical access to
the computer, you just have access to console, no way to change bios
settings or inserting floppy, cdrom or removing hard drive.

-- 
takeda@IRCnet.EFnet, ICQ# 15827691, TLEN: taked4
EMAIL: 5570bmv02@NOsneakemailSPAM.com
(remove CAPITAL letters from email if you want to contact me)
*http://eggwiki.takeda.tk - pomoc w używaniu botów po polsku*

---

• Next message: Freeride: "Re: Linux, BSD, and Unix are fundamentally insecure."
• Previous message: Peter Matulis: "PPPoE and bridges"
• In reply to: Dave Uhring: "Re: Linux, BSD, and Unix are fundamentally insecure."
• Next in thread: Dave Uhring: "Re: Linux, BSD, and Unix are fundamentally insecure."
• Reply: Dave Uhring: "Re: Linux, BSD, and Unix are fundamentally insecure."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: Linux, BSD, and Unix are fundamentally insecure. ... >> Ok so you gave example of badly configured Linux machine. ... > The Linux loader, lilo, can be configured with a password. ... I don't know what do you mean by console, (I guess like most people you ... without knowing root password, because you don't have physical access to ... (comp.unix.bsd.freebsd.misc) Re: 16x8 consoles ... want is a LiLo. ... upper right of the console? ... age and the condition of its control components, power supply, etc. ... Yesterday it handn't been bid up to its reserve. ... (rec.audio.pro) Re: 16x8 consoles ... want is a LiLo. ... upper right of the console? ... the channel faders. ... C'est suisse, et tres, tres precis." ... (rec.audio.pro) Re: Console access via serial port ... > Can anyone tell me how I can configure SuSe to do this ?? ... To get LILO to use the serial console, ... based one as serial consoles don't display graphics. ... (alt.os.linux.suse)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)