Changing Root Passwords without a Live CD

Robert Brockway robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org
Tue Feb 9 20:00:42 UTC 2010


On Tue, 9 Feb 2010, Mike Oliver wrote:

> Is there a way I can make it require a password to edit the boot line at all?
> I don't want anyone who happens to find my laptop, when I've walked away
> from it for five minutes, to be able to get a root shell!

Both lilo & grub support passwords to change the boot line but it's 
important to keep in perspective how much security this offers.

Someone with physical access to the box can change the boot device in the 
BIOS and circumvent any bootloader protection.

You can set a BIOS password but someone with physical access to the 
machine can even potentially clear that using a jumper on the motherboard 
(yes this would be quite obvious).

You could rivet the case shut to preven this from occuring or you could 
just do what most us do and accept that if someone has physical access to 
the machine they can 0wn it (or steal it).

:)

Cheers,

Rob


-- 
Email: robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org
IRC: Solver
Web: http://www.practicalsysadmin.com
I tried to change the world but they had a no-return policy
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list