Check root password changes done via single user mode

Polytropon freebsd at
Tue Mar 3 18:08:40 UTC 2015

On Tue, 3 Mar 2015 06:02:13 -0800, Mehmet Erol Sanliturk wrote:
> If any one is in front of the console , he/she may use a boot CD/DVD/USB
> stick to boot a copy of the operating system , and do whatever wants to do .

Only if booting from removable media is enabled in the
BIOS or EFI, and if it's not, a password protection would
stop the attacker from changing the setting.

It's not that anything possible couldn't be made impossible
by a clever trick, still leaving several other possible ways
of doing it... ;-)

On the other hand: If physical access has already been
gained, the attacker could remove the hard disk and use
it, for example with an USB adapter, with his own equipment
he brought. Of course it's possible to prevent that attack
by using non-standard screws, which only works as long as
the attacker doesn't have the right tools for those screws.

Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...

More information about the freebsd-questions mailing list