On 12/13/05, Rony Bill ronbillypop@yahoo.co.uk wrote:
Thanks to you and Revant for your nice explanations. I have only one last question for this topic. This is to understand the scope of risk that root login carries.
Suppose we assume that the root is totally honest and will not destroy any files even by mistake and will always man his terminal so no one else will type in anything from his keyboard. In this situation, is the system still at risk from any other factors? Can anyone who has access to the system's network hijack the running root-login session? In short, is the risk only limited to the root doing harm or his station being used by someone else while he is away, or is it possible to intrude into the root's session remotely? How private is a login session?
If someone has physical access to any system, it can be accessed as root by a single-user session, by init 1 from a kernel arg, or by setting up a portable camera/MMS phone hidden above the keyboard to see the password when root logs in. ;)
You can feel secure if there is no device from which you can boot into rescue mode/single user, and your GRUB is password protected (and be paranoid and avoid the use of phones/cameras near your computer).
As for remote access, I don't know much, but I imagine that it can be accessed by cracking the holes, which needs a brain that can debug programs/find bugs and exploit them.
revant