View Single Post
Old 23rd May 2009
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,277
Default

Quote:
Originally Posted by pik View Post
One thing that was concerning me was the lack of security via single user mode. By default, single user mode doesn't ask for a password - it will drop the user at a root prompt, no questions asked. Obviously this isn't a very desirable situation for a laptop, and in my mind it's probably more insecure than windows xp - so I manually commented out the 'secure' attributes listed in /etc/ttys. Has anyone else bothered to do this, or am I just being paranoid?
The standard arguments in response to these questions are:
  • If the bad guys have physical access to a computer, all bets are off. What is of most concern is the data on the hard drive, & if safeguards were in place to thwart powering a system on, what keeps these dastardly types from taking the hard drive out of the laptop & mounting it somewhere else?

    This is why preventing access is more important.
  • Also, consider the situation where the root password is lost. How is a system (& more importantly, the data on the disk(s)) to be reclaimed? Again, by having physical access, the password can be changed without knowledge of previous passwords.
  • If the data is that important and/or sensitive,
    • Back the data up, & back it up often.
    • Consider using vnconfig(8) to configure the encryption of user (non-root) partitions. The root partition cannot be encrypted, but /home or other partitions can be. Likewise, encrypting an entire system is not that practical given the performance degradation.
Reply With Quote