Trio3b Posted March 16, 2010 Report Share Posted March 16, 2010 (edited) Running mdv2008.1 I have hired an assistant to help in the office and have already locked permissions on files/folders I don't want them to have access to but I remembered there is a way to reset root password by entering single user mode at boot and typing passwd. It will then prompt to enter new password and confirm without asking for the old / original password. The likelyhood that this person would go thru the trouble to learn how to do this is slim as they are unfamiliar with Linux but I want to cover all angles. 1. Is this correct? 2. How can I prevent other/unauthorized users from doing this? I read up on /etc/passwd and etc/shadow but not sure I'm understanding. Looked into etc/passwd and it lists user IDs and etc/shadow contains the password in encoded or encrypted form but you need root password to view /etc/shadow which is a good thing, but this doesn't seem to address the ability of an unauthorized person from entering single user mode at boot and changing the password using the command passwd. I don't think I need to protect against cracking the root password per se (or maybe I do), but more against someone changing it. Any other security tips appreciated. I don't think I'm ready to encrypt folders and files yet. One thing at a time for me right now. Thanks Edited March 16, 2010 by Trio3b Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.