I was replying to his comment about it being secure...
----- Original Message -----
From: Irv Mullins <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 05, 1999 09:51 James
Subject: Re: [newbie] Lack of security when booting in Linux single
> On Mon, 05 Jul 1999, you wrote:
> > It is secure, If you keep it that way and do not mess with things you do
not
> > know about. Don't change things if you do not know what it can do to
your
> > system..
>
> That's not really an answer to the question, nor is it accurate.
> The question was - why can someone boot a system without the
> password?
>
> Security is relative. If someone has physical access to your computer,
> and there is a floppy drive, anyone with a couple of linux boot/root
disks can
> start the system without knowing any passwords. Similarly, you can lock
your
> cars and take the keys, but I can come along with a tow truck and steal
the car
> anyway. Given that, why use passwords?
>
> The password system serves to prevent accidental changes that would
> mess up the software, and to discourage users from looking at other users'
> data. It's just a good balance between a system that's totally open (like
DOS)
> and a system so secure it's unusable. You can change the balance in either
> direction, but you can't eliminate the possibility someone will gain
access.
> Should you change it in the direction of "more secure"? Probably not.
> Anyone who knows the "linux single" trick almost certainly knows the
> "bring your own floppy" trick also.
>
> If your need for privacy justifies, you could remove the floppy
> drive (probably kinda inconvenient) and/or run an encrypted file system
that
> makes data almost impossible to retrieve, (and slows down operations
> considerably.) It might be easier to just lock the disk drive in the safe
> when you're not using it.
>
> Anyone who has physical access to your computer must be assumed to
> be "authorized" to be there, and therefore trustworthy. If that is not the
case,
> then posting armed guards and vicious dogs would be appropriate..
>
> Regards,
> Irv
>
> > ----- Original Message -----
> > From: Jo <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Monday, July 05, 1999 07:15 James
> > Subject: [newbie] Lack of security when booting in Linux single
> >
> >
> > > Hi,
> > >
> > > Recently my system failed to boot (I had added something to rc.local,
that
> > didn't belong there). On irc I was told that I could still boot if I
gave
> > linux single at the LILO boot. This worked, but to my surprise I never
had
> > to enter a login or a password. Even then, I was allowed to change
rc.local
> > back to what it was.
> > >
> > > Is this normal? I thought Linux was supposed to be so secure.
> > >
> > > Jo
> > >
>
