File system and password protection
I was under the impression that login password would protect my file system in Windows XP & 7. But after accessing NTFS partition from Linux, I think it's not protected.
I have 2 questions:
1. Is it possible for someone to mess with Windows registry using Linux (using dual boot)? If so, does Windows have some sort of integrity checks to detect if registry file has been tampered with ? If not, is there a way to protect it ?
2. Is it possible to access files belonging to ext3 partition by using windows or other means(other than using sudo or logging as root) even if file rwx has been disabled for group and others ?
Answer #2: It is as easy to mount a Linux partition and modify it with a live disk as it is to mount an NTFS partition. With a live disk permissions don't matter because if necessary the user can take control of any file or folder with chmod and chown. The solution is to use filesystem encryption.
Remember there is no such thing as a 100% secure system. Locks are for honest people and even hard drive encryption has been proven to be circumvented.
Read this princeton research lab article and watch the video on hacking bitlocker (or any hard drive encryption program).
Thank you for the reply !
I have an encrypted partition on my external HDD. I never bothered to protect my internal HDD(with ext3 partition)as I thought ACL would protect it.
ACLs are all well and good for a logged in system. But remember that you can change ACLs when logged in as root. Using a live cd with a root login without a password still has the same permissions on a filesystem as the actual systems root. It only matters how you mount the filesystem through fstab.
|All times are GMT -5. The time now is 12:35 AM.|