Page 2 of 2

Re: Is dual booting a security issue?

Posted: Wed Jun 06, 2018 5:38 pm
by rado84
sdibaja wrote:
Mon Jun 04, 2018 10:20 pm
so You can't let a friend or family member use your computer "for just a minute" to check their email or their whataps.
Yes, you can. That's why smart people wrote Clonezilla. Even if your friend or family member screws things up, you can always restore from the backup. ;) For that reason I keep backups of both Windows 7 and Mint and my data is on a different partition than the operating systems are.

Re: Is dual booting a security issue?

Posted: Wed Jun 06, 2018 6:39 pm
by sdibaja
CupidsHelper wrote:
Wed Jun 06, 2018 5:29 pm
JerryF wrote:
Tue Jun 05, 2018 11:13 am
sdibaja wrote:
Mon Jun 04, 2018 10:20 pm
To the best of my knowledge any user of LM 18.3 and LM 19 can see/edit/delete any and all files/folders/programs on the entire computer, without needing a User or Root password.
I would call that a security issue... But that is not a new thing, people like it that way.
That's not entirely correct. If you're logged in as a user, you cannot delete system folders and files without becoming root or using the sudo command.
Good to know.
Maybe the M19 Beta is different, but I just got back from doing a test...
I Can mount and open system folders in another OS (or archive/data partitions), and then actually delete system files... and they don't go to the trash folder, Deleted. (I made backups first, so no harm done) ... tested deleting fstab and the Apt folder (the heart of the OS in my mind)
something odd, to unmount those partitions I Did need a password.
Maybe these are Mint 19 bugs I should report...

Re: Is dual booting a security issue?

Posted: Fri Jun 08, 2018 12:35 am
by CupidsHelper
Moem wrote:
Wed Jun 06, 2018 5:34 pm
CupidsHelper wrote:
Wed Jun 06, 2018 5:31 pm
As others have stated, encryption seems to be the best option sensitive data on your machine. 8)
... Sure. I'm not sure why you're telling me this. It neither confirms nor contradicts anything I said. :?
Hello Moem. :) I am hopeful, that I did not offend you. It was not my intent. Just mentioning, IF someone has sensitive data on their machine, then encryption is a good option. That is all. Have a good day. :)

Re: Is dual booting a security issue?

Posted: Fri Jun 08, 2018 1:19 am
by Moem
CupidsHelper wrote:
Fri Jun 08, 2018 12:35 am
Hello Moem. :) I am hopeful, that I did not offend you. It was not my intent.
No worries! You confused me a little, is all. But I can cope with that. :)

Re: Is dual booting a security issue?

Posted: Fri Jun 08, 2018 7:36 am
by JerryF
sdibaja wrote:
Wed Jun 06, 2018 6:39 pm
JerryF wrote:
Tue Jun 05, 2018 11:13 am

That's not entirely correct. If you're logged in as a user, you cannot delete system folders and files without becoming root or using the sudo command.
Maybe the M19 Beta is different, but I just got back from doing a test...
I Can mount and open system folders in another OS (or archive/data partitions), and then actually delete system files... and they don't go to the trash folder, Deleted. (I made backups first, so no harm done) ... tested deleting fstab and the Apt folder (the heart of the OS in my mind)
something odd, to unmount those partitions I Did need a password.
Maybe these are Mint 19 bugs I should report...
My second post pertains to the problem of someone else having access to your computer.
As long as folder and file permissions remain as default, then no, you shouldn't have any security issues.

Now, if someone had physical access to your computer and that person can boot a Live DVD/USB, then security is compromised.
Normally, someone else wouldn't be using/installing another OS without you knowing.

There are several levels of security. Two off the top of my head:
Setting other users with a non-administrator account. That user cannot gain sudo rights.
Setting passwords to boot from a USB/DVD.

Re: [SOLVED] Is dual booting a security issue?

Posted: Fri Jun 08, 2018 9:47 am
by sdibaja
Very true Jerry.
The OP CupidsHelper asked "...dual boot LM 18.3 and LM 19, would this have any security issues?..."
the simple answer is No.
But there are some issues to consider...

To make it clear, I do not intend to bash Linux Mint or Ubuntu. Most of the settings are made that way because of very popular demand. And it does work, almost always.

I am thinking of the "typical" Linux Mint user. They would Not be highly computer sophisticated, and using 99% of the defaults.
I wager that the "normal" "typical" Linux Mint user would probably be dual booting with Windows, and LM set as the default OS in grub.
I also wager Most have it set to autologin, and not have the BIOS requiring a key/password.
...so, as we noted above, using the defaults, anyone in the household could sit down and do some damage that would be difficult for the noob to repair.

My home is probably kinda typical, a couple computers sitting in a public space.
When friends and grandkids come over, and they are free to use any of them with no restrictions. Checking in at the office, email, Homework, social networking, etc. should be safe and non destructive.
Unfortunately, I feel with having Linux Mint on the menu (using the defaults) some Very Innocent poking around could be very easily damaged... such as opening and deleting items in that Timeshift partition for those that use it. Oh No!

Secure Backups, Passwords. We need those things.

Re: [SOLVED] Is dual booting a security issue?

Posted: Fri Jun 08, 2018 1:05 pm
by JerryF
sdibaja wrote:
Fri Jun 08, 2018 9:47 am
Very true Jerry.
The OP CupidsHelper asked "...dual boot LM 18.3 and LM 19, would this have any security issues?..."
the simple answer is No.

But there are some issues to consider...

To make it clear, I do not intend to bash Linux Mint or Ubuntu. Most of the settings are made that way because of very popular demand. And it does work, almost always.

I am thinking of the "typical" Linux Mint user. They would Not be highly computer sophisticated, and using 99% of the defaults.
I wager that the "normal" "typical" Linux Mint user would probably be dual booting with Windows, and LM set as the default OS in grub.
I also wager Most have it set to autologin, and not have the BIOS requiring a key/password.
...so, as we noted above, using the defaults, anyone in the household could sit down and do some damage that would be difficult for the noob to repair.

My home is probably kinda typical, a couple computers sitting in a public space.
When friends and grandkids come over, and they are free to use any of them with no restrictions. Checking in at the office, email, Homework, social networking, etc. should be safe and non destructive.
Unfortunately, I feel with having Linux Mint on the menu (using the defaults) some Very Innocent poking around could be very easily damaged... such as opening and deleting items in that Timeshift partition for those that use it. Oh No!

Secure Backups, Passwords. We need those things.
You're right, but I wasn't including Windows because the OP only stated Mint 18 and 19 for dual boot.

How would having Linux Mint on the menu be bad? If friends, grandkids, etc. use the computer, you could set up a guest session which would further restrict the user rights. They definitely would be able to delete items in the Timeshift partition.

Re: [SOLVED] Is dual booting a security issue?

Posted: Fri Jun 08, 2018 3:37 pm
by sdibaja
Jerry I am thinking of "out of the box" "normal LM user", the default setup. Like they are accustomed to with Windows... that is the target audience.
===
My orientation is using LMDE for many years, now Debian for the last year or so.
basic prevention:
Passwords.
Strong root password required as default during install
weak User password if desired, mine is two characters
User is Not on the Sudoers list, unless specifically created, by Root
--
without Root Password nobody can mount other partitions without Password.
also can't access System folders without Password.


that's it in a nutshell