Paul L. Snyder on 16 Dec 2005 17:11:55 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] EXT2 for Windows


Quoting "Michael C. Toren" <mct@toren.net>:

> On Fri, Dec 16, 2005 at 11:45:43AM -0500, Eugene Smiley wrote:
>
> > Second, It would seem that if you do dual boot, that this actually
> > opens a security hole. " The current version of the Ext2 file system
> > driver does not maintain access rights. All users can access all the
> > Ext2 volumes that a drive letter is created for. For example, if a
> > drive letter has been created for an Ext2 volume, which is the root
> > volume of a Linux installation, you can simply read and modify files
> > such as /etc/passwd and /etc/shadow. User names are readable and
> > passwords of these users can be quite easily cracked and modified!"
> > 
> > Double edged sword, anyone?
> 
> It's no more of a security problem than booting a Knoppix disk is.  Once
> you have physical access to the harddisk, it's game over.

>From outside the context of the running operating system, file system
permissions are roughly as effective as hoping that attackers set the
evil bit in their IP headers (RFC 3514).

  http://www.faqs.org/rfcs/rfc3514.html

It's also no different from Linux supporting NTFS.  There was much
handwaving when people realized that NT security could be so easily
bypassed, but there's not much you can do about it.  I've frequently
used pnordahl's offline password and registry editor to reset the
Administrator password on W2K and XP machines.  It uses Linux NTFS
support to directly edit the Windows password database.

  http://home.eunet.no/~pnordahl/ntpasswd/

On-disk encryption would provide a bit of protection for your files,
but it's not a panacea...have you checked for keystroke loggers
recently?

pls
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug