Subject: | |
From: | |
Reply To: | |
Date: | Fri, 29 Jul 2011 15:44:36 +0200 |
Content-Type: | MULTIPART/MIXED |
Parts/Attachments: |
|
|
On Fri, 29 Jul 2011, Marek Andreánsky wrote:
> Why is securing /etc/inittab helping? I've read that by
> adding init=/bin/bash to grub you can get into the machine and change the
> shadow file anyway, which gives you root. I'd say that Red Hat presumes that
> the server is in a secure location and it is therefore highly improbable
> that anyone could just simply sit down to it and reboot it without anyone
> ever noticing.
Well, one of the additional security measures when securing a Linux system
is adding a password to your BIOS and to your bootloader. So that changing
the kernel commandline or booting another device by someone unauthorized
is hard or impossible.
You could consider someone having physical access to your system, to be
able to walk away with the harddisk anyway (encrypted filesystem not
taken into account), but at least that's not something you can do without
being noticed.
So making it harder at multiple levels is required, and not a 100%
guarantee. Adding proper datacenter security, security cameras, visible
badges, etc... All help adding to the total security of your system's
data.
--
-- dag wieers, [log in to unmask], http://dag.wieers.com/
-- dagit linux solutions, [log in to unmask], http://dagit.net/
[Any errors in spelling, tact or fact are transmission errors]
|
|
|