Yet another Linux on the desktop article

Uncle Jim jim at jimani.com
Sun Aug 1 03:49:37 CDT 2004 

On Sat, Jul 31, 2004 at 01:20:23PM -0500, Jonathan Hutchins wrote:

> Most PC's will boot from a floppy - or for that matter a CD these days - 
> before they ever even load the OS, so anybody with physical access can 
> potentially compromise "security".  It's all in how you set the system up.  
> 
> I really can't see that simply mounting a floppy is any greater hazard than 
> any other form of file loading.  Of course, if you could make a case for it, 
> then you would want to turn automount off.  

I realize that physical access to the hardware means all bets are off but automount
is equivalent to root with no password.

It takes a little time and effort to open the case and short pins on the motherboard
or pull hda and put it in another host.  Even Brian, who has the metro area's largest
collection of "Live CD"s and should be considered potential security risk, would have
to take the time to reboot the machine.  If I have a floppy with a copy of bash that
is owned by root with permissions of 4755 and I come to your machine all I have to do
is insert the floppy and type "/mnt/floppy/bash", 16 keystrokes.  If root has no password
I simply type "su - root", 9 keystrokes.  So if you assume that I've always had a mouse
and can only type with my left thumb and can only reach 10 words per minute (1 sec. per
keystroke) thats only seven seconds + time to insert floppy different from root without
password.  And I'm getting better with my left thumb all the time.

So, if you have a machine where you think a password for root is a waste of time then I
think you should also enable automount.

Since mounting removable media carries a security risk I don't think it is unreasonable
to have the system request a password before mounting.  Keep in mind that a security
breach at your host usually is not just your problem, it often ends up affecting lots
of other people on the Internet.

So I fail to see where the ability to automount should be a criteria for "desktop ready"
unless "desktop ready" means isolated, unconnected host.

-- 
Jim

More information about the Kclug mailing list