Page 1 of 1
Total Security By Pass
Posted: Fri Mar 04, 2011 7:59 am
by spacegoat
Hello,
My daughter who I locked out of Deb Mint by changing her password worked out a way to get back in and run any arbitrary program and access any user data!!!
At the login screen perform CTRL-ALT-DEL
The system Monitor pops up.
Double click on any disk and you will be able to browse, read and execute anything.
The solution I used was to chmod o-x and chmod g-x on the system monitor.
I do not know if this affects other Mint, Debian or Ubuntu versions.
Re: Total Security By Pass
Posted: Fri Mar 04, 2011 8:23 am
by viking777
That sounds dramatic, but it is a simple fact that if you have physical access to a machine you can do anything with it. Boot from a live cd, reset the password to one of your own choosing and you have the ability to access and change anything you like.
The moral is don't leave your laptop on the bus
PS. I am not sure if that applies to a grub password or not, but it probably does - I am sure someone will tell me. Encrypted file systems are probably another answer.
Re: Total Security By Pass
Posted: Fri Mar 04, 2011 8:30 am
by zerozero
Just for the record that seems to be a gdm-specific problem. I just tried now in KDE and the behaviour is totally different: a window pops up with shut down and restart options.
Re: Total Security By Pass
Posted: Fri Mar 04, 2011 9:08 am
by viking777
The default in gnome is to map Ctl/Alt/Del to gnome-system-monitor. You can change it in gconf-editor under apps/metacity/keybinding_commands.
Re: Total Security By Pass
Posted: Fri Mar 04, 2011 10:13 am
by spacegoat
Thanks for the tips.
I believe this issue is dramatic.
The general PC community are not Boot CD knowledgeable. Businesses rely on logical security. They cannot physically protect every persons PC.
Re: Total Security By Pass
Posted: Fri Mar 04, 2011 2:07 pm
by monkeyboy
spacegoat wrote:Thanks for the tips.
I believe this issue is dramatic.
The general PC community are not Boot CD knowledgeable. Businesses rely on logical security. They cannot physically protect every persons PC.
Security responses need to be tailored to meet the needs and resources of the user. What I need as a home user is radically different from the needs and solutions required by a business network. Lets face it for many business users Mint is not the optimal choice. Relax and enjoy
Re: Total Security By Pass
Posted: Fri Mar 04, 2011 2:48 pm
by DrHu
spacegoat wrote:My daughter who I locked out of Deb Mint by changing her password worked out a way to get back in and run any arbitrary program and access any user data!!!
She could run user programs, but unless she knew the admin password, that is used by the first created user on a Ubuntu/Mint system (a slight limited root account), she would not be able to reset your desktop settings for example..
Secondly, the default permissions on user directories (folders) allow other users to see rectories and contents under /home
--you can prevent that by changing your permissions for group and others to no access, so she would then be unable to read or see your /home data
Also, you should remember to change your account password, since that is probably the user account you use to manage the system
Better pick a better password, my guess she saw you type it or otherwise knows it
--for example if you changed her password while she was watching you..
Re: Total Security By Pass
Posted: Sat Mar 05, 2011 12:43 pm
by malligt
Question for @viking777
The default in gnome is to map Ctl/Alt/Del to gnome-system-monitor. You can change it in gconf-editor under apps/metacity/keybinding_commands.
This has always frustrated me.
LMDE Main Menu has the keyboard shortcut for ctrl+alt+del as the log out short cut. But, if I'm understanding you correctly, you say ctrl+alt+del is the gnome default for system monitor?
With all due respect here, which is correct?
Re: Total Security By Pass
Posted: Sat Mar 05, 2011 12:54 pm
by viking777
LMDE Main Menu has the keyboard shortcut for ctrl+alt+del as the log out short cut
Not on my system. Ctl/Alt/Del gives me the system monitor. If yours is different I apologise, I only report what I see.
Re: Total Security By Pass
Posted: Sat Mar 05, 2011 1:06 pm
by malligt
Here it is, unchanged from the time I downloaded and installed it. LMDE 2011 respin 32 bit.
Re: Total Security By Pass
Posted: Sat Mar 05, 2011 1:20 pm
by viking777
Yes, I have that as well, but now look in gconf-editor apps/metacity/keybinding_commands in conjunction with apps/metacity/global_keybindings and look for the same run_command number in both and you will see what the OS actually takes notice of.
Now I have to say that I believe Ctl/Alt/Del should be mapped to the Log out command, but it isn't, at least not on my version of LMDE, and I would hardly have changed it myself to something that I think is wrong, would I?
Re: Total Security By Pass
Posted: Sat Mar 05, 2011 1:36 pm
by malligt
You raise an interesting point.
Consider for a moment that a majority of persons encountering LMDE for the first time, would see it my way...that is to say that the command ctrl+alt+del wrongly shows system monitor.
Probably due to years of Windows XP/VISTA/7 usage.
BTW--I diligently tried to follow your instructions, got to gconif-editor...apps/metacity/keybinding settings/command # 9....and tried to edit it (rename) to gnome-log-off....and it failed.
So I'm still learning...
Re: Total Security By Pass
Posted: Sat Mar 05, 2011 1:44 pm
by viking777
malligt wrote:You raise an interesting point.
Consider for a moment that a majority of persons encountering LMDE for the first time, would see it my way...that is to say that the command ctrl+alt+del wrongly shows system monitor.
Probably due to years of Windows XP/VISTA/7 usage.
BTW--I diligently tried to follow your instructions, got to gconif-editor...apps/metacity/keybinding settings/command # 9....and tried to edit it (rename) to gnome-log-off....and it failed.
So I'm still learning...
Ah, well you are braver than me for even trying to remap it, I haven't
I believe the command you need is
but I haven't tested it so I could be wrong.