Request for Review - Fedora Security Basics
Tom Diehl
tdiehl at rogueind.com
Sun Oct 9 23:22:43 UTC 2005
On Mon, 10 Oct 2005, Felipe Alfaro Solana wrote:
> > http://www.fedoraproject.org/wiki/SecurityBasics
>
> If one of the goals of Fedora Core is being secure right from the
> start, why is the user allowed to enter single-user without supplying
> the root password (sulogin)?
Because requiring a passwd on a box that you can sit in front of and take apart
is STUPID!! All requiring a passwd for single user mode does is make me have to
go find a rescue disk. What is the point? If you have physical access to the
machine you can get into it. You do not need passwds. Some take a little longer
than others. Why make the inevitable harder?
Think about windoze, Windoze requires a passwd for safe/recovery mode. All that
does for me is make me find my CD case, insert the CD into the drive and boot
from the CD. Machine does not have a CD you say OK now I have to go find a CD
drive to plug into the machine and my CD case. There is a passwd on the BIOS
you say, OK now I have to go find the little jumper on the MB to reset the BIOS
to the factory defaults.
The above applies to windoze and Linux. It does not matter. Where there is a
will there is a way.
Regards,
Tom Diehl tdiehl at rogueind.com Spamtrap address mtd123 at rogueind.com
More information about the docs
mailing list