"Pseudo" Installs - a new way to hack into a system?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
"Pseudo" Installs - a new way to hack into a system?
I'm not techie, but I've done this, and I'm a little confused.
Consider this:
You have Red Hat Linux installed on a ext3 filesystem. Two people use this system - Steve and Dave. They each have a "normal" (non-root) account. Both cannot access each other's documents. However, if a person does a "pseudo" install on the system, he will supply a new root password and then he can access both Steve and Dave's documents without restriction.
On the other hand, if a new install is done on a computer running XP on an NTFS file system, overwriting the previous Windows installation, then the individual "My Documents" folders of all "Administrators" of the system will become "useless". Everyone is denied access to these folders, and the only way to delete them is to reformat the hard drive.
Any opinions? Does this mean the Tux cannot protect our documents, and Linux is vulnerable to "Pseudo install" attacks?
Re: "Pseudo" Installs - a new way to hack into a system?
Quote:
Originally posted by DJ Shaji
Any opinions? Does this mean the Tux cannot protect our documents, and Linux is vulnerable to "Pseudo install" attacks?
This isn't a "vulnerability" or some sort of attack, but rather the simple fact that if someone has physical access to your computer, you have no security. They could boot a CD-based distro like Knoppix, or simply boot into single user mode. With some distros, booting into single user mode automatically gives you root access. Security can only go so far, and physical access means a reasonably skilled person can defeat a number of normal security measures.
Not really sure what you mean by a pseudo install, but virtually all major OS's suffer from the local attacks Hangdog42 described, so it's definitely not a "Linux" thing. It's an unfortunately consequence of people forgetting root/admin passwords...if there's no way to reset it, then the user now has very expensive doorstop.
If you want to keep your files secure, encrypt them. Even then, it's often still possible to recover the data by recovering encryption keys from drives or if it's not stored on disk, they can even turn up in the swap partition.
Even the solutions that 2damncommon listed are defeatable.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.