Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 3 Mar 2015 19:08:36 +0100
From:      Polytropon <freebsd@edvax.de>
To:        Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com>
Cc:        FreeBSD Questions Mailing List <freebsd-questions@freebsd.org>
Subject:   Re: Check root password changes done via single user mode
Message-ID:  <20150303190836.8260c9ba.freebsd@edvax.de>
In-Reply-To: <CAOgwaMvytBWdoprPNSuqKMnuX-w7-L_u1Wvg=kTH7nEDCjTjvw@mail.gmail.com>
References:  <54F56A83.3000404@gmail.com> <CA%2ByaQw_3JJ2tJm32or-UmSpfMFo_jCn_JD1xFw=1E9i9K2reDg@mail.gmail.com> <54F57CD9.2000707@gmail.com> <54F5AF25.7000303@qeng-ho.org> <20150303141633.c38bdc7b.freebsd@edvax.de> <CAOgwaMvytBWdoprPNSuqKMnuX-w7-L_u1Wvg=kTH7nEDCjTjvw@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 3 Mar 2015 06:02:13 -0800, Mehmet Erol Sanliturk wrote:
> If any one is in front of the console , he/she may use a boot CD/DVD/USB
> stick to boot a copy of the operating system , and do whatever wants to do .

Only if booting from removable media is enabled in the
BIOS or EFI, and if it's not, a password protection would
stop the attacker from changing the setting.

It's not that anything possible couldn't be made impossible
by a clever trick, still leaving several other possible ways
of doing it... ;-)

On the other hand: If physical access has already been
gained, the attacker could remove the hard disk and use
it, for example with an USB adapter, with his own equipment
he brought. Of course it's possible to prevent that attack
by using non-standard screws, which only works as long as
the attacker doesn't have the right tools for those screws.


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150303190836.8260c9ba.freebsd>