Check root password changes done via single user mode

Arthur Chance freebsd at qeng-ho.org
Tue Mar 3 14:20:41 UTC 2015


On 03/03/2015 14:02, Mehmet Erol Sanliturk wrote:
> On Tue, Mar 3, 2015 at 5:16 AM, Polytropon <freebsd at edvax.de> wrote:
>
>> On Tue, 03 Mar 2015 12:55:01 +0000, Arthur Chance wrote:
>>> As Bruce Schneier says, there's no such thing as perfect security, it
>>> all depends on what costs (in money, time, or effort) attacker and
>>> defender are prepared to pay.
>>
>> Also consider non-OS security in this context: A CCTV camera
>> monitoring the console, or a hardware keylogger that can be
>> examined for SUM logins and "passwd" command calls. This is
>> relatively easy with physical servers, but those which are
>> being accessed via network (and with some management solution
>> that lets you, for example, access the serial console via
>> IP) could benefit from a mechanism examining the network
>> traffic; but as soon as you have end-to-end encryption in
>> such a setup, it won't work... except it's weak crypto and
>> you have the sufficient means...
>>
>> FreeBSD can only offer a specific subset of solutions "out
>> of the box", and a versatile attacker will always find a way
>> to avoid those obstacles.

> If anyone is in front of the console, he/she may use a boot CD/DVD/USB
> stick to boot a copy of the operating system, and do whatever he/she wants to do.

Just another step in the arms race. Configure the BIOS/UEFI to boot from 
the hard disk first, set the BIOS password(s). At this point an attack 
requires opening the case. Counter that with a locked room, and so on.

As I said, it all depends how much effort both sides want to expend. 
That's why I asked the OP what his threat model was. Until that's 
answered we can only keep escalating threats and countermeasures into 
the realms of the hypothetical and ridiculous. Thermic lances through 
bank vault walls anyone? :-)

-- 
Those who do not learn from computing history are doomed to
GOTO 1

