Ubuntu security hole? (not super major, but wondering if it is an issue to report)
Mike Bird
mgb-ubuntu at yosemite.net
Tue May 9 20:08:54 UTC 2006
On Tuesday 09 May 2006 12:09, Dick Davies wrote:
> On 09/05/06, Mike Bird <mgb-ubuntu at yosemite.net> wrote:
> > I have worked where most programmers had keyboard/mouse/monitor remote
> > access but no physical access to the secure computer room. Programmers
> > could reboot a system when necessary but not use removable media to
> > become root.
>
> Mike, please read the thread.
>
> We're talking about fsck dropping you to a rootprompt because it can't
> mount the disk, not booting off removable media.
Dick, please read the thread. ;-)
The argument was that dropping to a root prompt is no loss of security
because, given physical access, one could boot from removable media.
Dropping to a root prompt is a security hole for those systems which provide
keyboard access but which do not permit booting from removable media.
--Mike Bird
More information about the ubuntu-users
mailing list