I helped a friend install Ubuntu GNU/Linux on his laptop, he left town, forgot his passwords, and I promised to breakin for him, so he can re-do his passwords. Told him all I have to do is run Knoppix, access his partition, and delete the little x in the password file. Then he would reset his root password in be back in business.
He felt betrayed. I understand why, I think: what's secure about GNU/Linux if anyone can boot the system and reset his passwords? I said, Dunno. I'll ask on the Gentoo list. How can anyone easily avoid the problem of anyone being able to access the guts of his machine using a live CD? I already thought of one: use the BIOS to disallow booting from a CD or Floppy, and set a password on the BIOS. Don't know whether all BIOSes will allow this, and anyway, isn't it possible on a lot of motherboards to short out the EPROM and thus reset the password of the BIOS? Of course, if he would forget his password he would lose all his data. Oh, well, does anyone have anything to suggest or to say about this? Alan Davis -- gentoo-user@gentoo.org mailing list
