Re: Request for Review - Fedora Security Basics
- From: esm logic net
- To: For participants of the Documentation Project <fedora-docs-list redhat com>
- Subject: Re: Request for Review - Fedora Security Basics
- Date: Mon, 10 Oct 2005 13:48:25 -0500
On Sun, Oct 09, 2005 at 07:22:43PM -0400, Tom Diehl wrote:
> Because requiring a passwd on a box that you can sit in front of and take
> apart is STUPID!!

Invalid assumption; one can have access to the console without having
direct physical access. Think IP-based KVMs, where you can go so far as
being able to power cycle a system without being able to put hands on the
machine. Serial consoles are a similar situation.

Requiring a password for single-user login allows for a breach of KVM or
serial console server security without opening the attached systems to
attack. Grub passwords only solve half the problem (modification or misuse
of the bootloader); single-user passwords prevent the attacker from taking
advantage of a hardware fault (perhaps one that they triggered). Both are
necessary to properly secure the boot process when the console can be
reached over a network or from a shared/less-secured console area.

Granted, this is only an issue for data-center environments generally. I
just wanted to point it out as a use case that I'm familiar with.

--
Edward S. Marshall <esm logic net>
http://esm.logic.net/
Felix qui potuit rerum cognoscere causas.
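
The two controls the message above calls necessary, checked together. This is an added example and not part of the original message; it assumes a SysV-init `/etc/inittab` and a GRUB legacy `grub.conf`, and the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original message. Assumed layout: SysV init
# (/etc/inittab) and GRUB legacy (grub.conf); function names are illustrative.

# Succeeds if inittab runs sulogin for runlevel S, so single-user mode asks
# for the root password instead of handing out a root shell.
single_user_protected() {
    grep -Eq '^[[:space:]]*[^#[:space:]][^:]*:[^:]*S[^:]*:wait:.*sulogin' "$1"
}

# Prints hashed, plaintext or missing. Only a password line before the first
# "title" is global; one inside a menu entry covers that entry alone.
grub_password_state() {
    awk '
        /^[[:space:]]*title[[:space:]]/ { exit }
        /^[[:space:]]*password[[:space:]=]/ {
            print ($0 ~ /--md5/ ? "hashed" : "plaintext"); found = 1; exit
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# usage: audit_boot INITTAB GRUB_CONF; returns 0 only if both controls hold.
audit_boot() {
    rc=0
    if single_user_protected "$1"; then
        echo "OK   single-user mode requires the root password (sulogin)"
    else
        echo "FAIL single-user mode gives a root shell without a password"; rc=1
    fi
    case $(grub_password_state "$2") in
        hashed)    echo "OK   GRUB has a global hashed password" ;;
        plaintext) echo "FAIL GRUB password is stored in plaintext"; rc=1 ;;
        *)         echo "FAIL GRUB has no global password"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample files: sulogin is configured, but the GRUB password sits
# inside a menu entry, so only half of the boot process is protected.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'id:3:initdefault:' '~~:S:wait:/sbin/sulogin' > "$d/inittab"
    printf '%s\n' 'default=0' 'title Fedora' \
        'password --md5 CONSTRUCTED-HASH' > "$d/grub.conf"
    audit_boot "$d/inittab" "$d/grub.conf" || echo "boot process not fully secured"
    rm -rf "$d"
}
demo
```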