Date: Tue, 3 Mar 2015 19:08:36 +0100 From: Polytropon <freebsd@edvax.de> To: Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com> Cc: FreeBSD Questions Mailing List <freebsd-questions@freebsd.org> Subject: Re: Check root password changes done via single user mode Message-ID: <20150303190836.8260c9ba.freebsd@edvax.de> In-Reply-To: <CAOgwaMvytBWdoprPNSuqKMnuX-w7-L_u1Wvg=kTH7nEDCjTjvw@mail.gmail.com> References: <54F56A83.3000404@gmail.com> <CA%2ByaQw_3JJ2tJm32or-UmSpfMFo_jCn_JD1xFw=1E9i9K2reDg@mail.gmail.com> <54F57CD9.2000707@gmail.com> <54F5AF25.7000303@qeng-ho.org> <20150303141633.c38bdc7b.freebsd@edvax.de> <CAOgwaMvytBWdoprPNSuqKMnuX-w7-L_u1Wvg=kTH7nEDCjTjvw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 3 Mar 2015 06:02:13 -0800, Mehmet Erol Sanliturk wrote: > If any one is in front of the console , he/she may use a boot CD/DVD/USB > stick to boot a copy of the operating system , and do whatever wants to do . Only if booting from removable media is enabled in the BIOS or EFI, and if it's not, a password protection would stop the attacker from changing the setting. It's not that anything possible couldn't be made impossible by a clever trick, still leaving several other possible ways of doing it... ;-) On the other hand: If physical access has already been gained, the attacker could remove the hard disk and use it, for example with an USB adapter, with his own equipment he brought. Of course it's possible to prevent that attack by using non-standard screws, which only works as long as the attacker doesn't have the right tools for those screws. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150303190836.8260c9ba.freebsd>