On Tuesday 2007-03-20 at 12:08 +0100, jdd wrote:

> Frank Sundermeyer wrote:
> 
> > well, yes, ;-) that would be one way. But you will _never ever_ see
> > documentation about how to break into the system within the official
> > manuals. Feel free to write a Wiki article.
> 
> I think it's already there.
> 
> This position is understandable, but also questionable.

Arguably so.

> In fact, IMHO there should be at least an exclamation mark saying "it's pretty
> easy for anyone with physical access to a computer to defeat any root
> passwd on a non-encrypted system. Strong encryption is the only somewhat safe
> means to protect sensitive data, at the cost of the risk of losing this data if
> the password is forgotten"
> 
> maybe it's already there :-)


I think that it should indeed be documented in the manual. Security by
obscurity gives a false sense of security: the novice may think that his
computer is safe just because the root password is unguessable, neglecting
to protect the access to the physical computer.

Explicitly documenting how to replace the root password without knowing
it, using a rescue CD or whatever, is a must, because that way the novice
is shown how easy it is to bypass that password and how important it is to
secure the computer.

Plus it is needed knowledge should an admin forget the password (eeks!),
or be put in charge of an already installed system.

-- 
Cheers,
       Carlos E. R.
