LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 07-15-2010, 12:01 PM   #1
wagaboy
Member
 
Registered: Jun 2010
Distribution: Ubuntu 10.04, Cent OS 5.5, CLE3
Posts: 51

Rep: Reputation: 21
File system and password protection


Hi
I was under the impression that login password would protect my file system in Windows XP & 7. But after accessing NTFS partition from Linux, I think it's not protected.

I have 2 questions:
-------------------
1. Is it possible for someone to mess with Windows registry using Linux (using dual boot)? If so, does Windows have some sort of integrity checks to detect if registry file has been tampered with ? If not, is there a way to protect it ?

2. Is it possible to access files belonging to ext3 partition by using windows or other means(other than using sudo or logging as root) even if file rwx has been disabled for group and others ?
 
Old 07-15-2010, 12:11 PM   #2
sag47
Senior Member
 
Registered: Sep 2009
Location: Philly, PA
Distribution: Kubuntu x64, RHEL, Fedora Core, FreeBSD, Windows x64
Posts: 1,509
Blog Entries: 35

Rep: Reputation: 384Reputation: 384Reputation: 384Reputation: 384
Quote:
Originally Posted by wagaboy View Post
Hi
I was under the impression that login password would protect my file system in Windows XP & 7. But after accessing NTFS partition from Linux, I think it's not protected.

I have 2 questions:
-------------------
1. Is it possible for someone to mess with Windows registry using Linux (using dual boot)? If so, does Windows have some sort of integrity checks to detect if registry file has been tampered with ? If not, is there a way to protect it ?

2. Is it possible to access files belonging to ext3 partition by using windows or other means(other than using sudo or logging as root) even if file rwx has been disabled for group and others ?
Answer #1: In my experience windows does not have an integrity check on the registry for modification protection. It is possible for someone to mess with the registry using freely available tools. One could also import a Windows registry into the wine registry to access keys. There is a way to protect it and that is to encrypt the filesystem. This makes recovery difficult if not impossible if you lose the encryption key/password to your encrypted system. In Windows 7/Vista Ultimate the feature called bitlocker is Windows protecting the filesystem with encryption. You could also use a free tool which works very well called TrueCrypt (google) for Windows, Linux, or Mac. For just Linux there is dm-crypt. For Mac only there is FileVault. And as I've already mentioned a Windows only utility called bitlocker.

Answer #2: It is as easy to mount a Linux partition and modify it with a live disk as it is to mount an NTFS partition. With a live disk permissions don't matter because if necessary the user can take control of any file or folder with chmod and chown. The solution is to use filesystem encryption.

Remember there is no such thing as a 100% secure system. Locks are for honest people and even hard drive encryption has been proven to be circumvented.

Read this princeton research lab article and watch the video on hacking bitlocker (or any hard drive encryption program).

http://citp.princeton.edu/memory/

Last edited by sag47; 07-15-2010 at 12:19 PM.
 
1 members found this post helpful.
Old 07-15-2010, 12:28 PM   #3
wagaboy
Member
 
Registered: Jun 2010
Distribution: Ubuntu 10.04, Cent OS 5.5, CLE3
Posts: 51

Original Poster
Rep: Reputation: 21
sag47
Thank you for the reply !

I have an encrypted partition on my external HDD. I never bothered to protect my internal HDD(with ext3 partition)as I thought ACL would protect it.
 
Old 07-15-2010, 01:25 PM   #4
sag47
Senior Member
 
Registered: Sep 2009
Location: Philly, PA
Distribution: Kubuntu x64, RHEL, Fedora Core, FreeBSD, Windows x64
Posts: 1,509
Blog Entries: 35

Rep: Reputation: 384Reputation: 384Reputation: 384Reputation: 384
ACLs are all well and good for a logged in system. But remember that you can change ACLs when logged in as root. Using a live cd with a root login without a password still has the same permissions on a filesystem as the actual systems root. It only matters how you mount the filesystem through fstab.
 
  


Reply

Tags
encryption, filesystem, linux, password


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Password Protection How? saheelahamed Linux - Software 0 10-08-2007 01:22 AM
Volume Password Protection easuter Linux - Security 3 06-13-2006 06:07 AM
Best file system for corruption protection? Wyk3d Mandriva 3 12-24-2004 07:17 PM
password protection kushal Linux - Security 4 10-10-2002 10:33 PM
Password Protection TheSockMonster Linux - Newbie 1 05-27-2002 12:10 PM


All times are GMT -5. The time now is 08:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration