FedoraForum.org - Fedora Support Forums and Community
Results 1 to 4 of 4
  1. #1
    Join Date
    Nov 2017

    Fedora safety issues ?

    In the media lately there has been some articles about some safety issues in the linux-kernel related to the usb-drivers. If a hacker have access to the computer it seems to be possible to exploit these vulnerabilities and hack the computer. This made me think about some similar issues that is related to the usb-live version of the fedora operating system.

    There is a way to get access to a fedora computer without knowing the password if you have access to the computer. If you connect a usb (or a live dvd )and start up the live-os and then open up a terminal and then just type the "su"command you will have full access to the computer, both root and user access. I have used this method over the years when i need to repair something and my linux os wont boot.

    Is this to be regarded as a safety issue? I have never thought of this as an safety issue before i read the articles about the usb drivers. And do i need to fill in a bug report to the fedora developers?
    Last edited by GNUGNU; 10th November 2017 at 04:30 AM.

  2. #2
    Join Date
    Oct 2010

    Re: Fedora safety issues ?

    This attack vector requires physical access.
    If the attacker has physical access to the machine there are all sorts of other mischief they can inflict.

    User error. Please replace user and try again

  3. #3
    Join Date
    Dec 2013
    United Kingdom

    Re: Fedora safety issues ?

    It isn't a bug, the same applies to any linux live ISO, can come in very handy at times and ocratato is correct. accessing files is the least of your worries if someone has that level of access to your pc unauthorised. you can block booting from USB in EUFI firmware or BIOS whichever your machine uses and then password protect the BIOS Settings (should already be done if the machine is shared and you don't want people screwing with settings). Of course if they were hell bent on causing problems this too could be reset by them. It's easier on desktops but still achievable with a notebook PC too.

  4. #4
    Join Date
    Oct 2007

    Re: Fedora safety issues ?

    in addition to what's been mentioned, if your goal is to protect the data that might be on the computer's hard drive or ssd, then you need to think about encrypted volumes when you install the OS. this will then require a key to decrypt the volume and make it mountable and accessible. in this case, even if you can boot another OS on the same computer via live USB or other bootable medium, it doesn't immediately allow one to access the data on that computer.

    just keep in mind, that only protects your data at rest. when you are using the system and have already provided key; and you subsequently get your system compromised, that encryption will not protect anything.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts