Let's go one step further and prevent either a malicious, or "accidental" reboot by disabling the Ctrl-Alt-Del trap sequence. Could never understand why the default action is to reboot. Or, more importantly, why this hasn't been disabled yet via upstream. -Shawn On Sun, Sep 17, 2017 at 9:04 PM, Munir Nassar <nassarmu at gmail.com> wrote: > Heh, you don't even need a live CD, just interrupt grub, edit boot line and > add init=/bin/bash and boot from there. > > This is not a bug, and here is how you can prevent it from being exploited > > 1. Full disk encryption, which is usually sufficient on its own but the next > two are good too. > 2. Grub password to disallow changing boot parameters > 3. Bios password to disallow changing boot order > 4. If fde is not an option then at least use dmcrypt, encfs or ecryptfs > > On Sep 13, 2017 11:46, "Rick Engebretson" <eng at pinenet.com> wrote: >> >> As I play around backing up, upgrading, and what-not, I use >> not-so-hotswappable hard disk drives. Sometimes I goof up and have a bad >> /etc/fstab file and the system will hang at boot. In older distros there >> were some instructions to boot to root and use "mc" to edit /etc/fstab. This >> newer opensuse distro had me stumped how to just get the filesystem going. >> >> So I tried the Fedora Live DVD and booted to DVD, mounted the boot hard >> drive in KDE "dolphin" file manager, opened the KDE editor "kwrite," edited >> and saved the system file /etc/fstab, and rebooted the opensuse hard drive >> smooth as silk. >> >> I might be wrong, but these Linux Live DVDs seem to open a giant security >> hole. >> _______________________________________________ >> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >> tclug-list at mn-linux.org >> http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list >