SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
My user account can't even view shadow, so I don't think I have a permissions problem. What he is saying is inserting, say, knoppix then hacking it like that. I'm sure there would be a way to remotely mount the root partition w/o it's permissions then editing shadow. I'm suggesting making the file uneditable, even by root. Obviously this would make a password recovery impossible. What problems would chmod'ing shadow this way cause?
Last edited by Furlinastis; 11-29-2005 at 02:10 PM.
If you have local access to the machine, it is easy to break the root passord
You could always set BIOS access protected by password,
non permit of booting from other media than the hard drive,
lilo / grub menu editing feature prohibited, the computer box locked, etc...
Originally posted by keefaz If you have local access to the machine, it is easy to break the root passord
You could always set BIOS access protected by password,
non permit of booting from other media than the hard drive,
lilo / grub menu editing feature prohibited, the computer box locked, etc...
Well that is really one thing what admins do (configure their bios) so that noone can boot any bootable media (floppy, cd, flash...). This includes setting the bios password. Also features like wol (wake-on-lan) shoud be disabled. But whatta pitty - if you gain acces to that box - resetting CMOS is way to easy (unless some kinda hardware (HDD data..) encryption is provided via bios - than all the crappy data is WASTED).
If you manage to boot into a box with a rescue disc or live cd, and mount teh harddrive, then u gain root acces (u r a root user in the Live cd - say Slax) to any mounted drive and any files stored on them like /etc/shadow.
Sooo... conclusions - store your box inside a lockable steel box (shielding it against sigint attacks would be nice hehehe ).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.