Roy Schestowitz wrote:
> They must have made it a possibility because some users were negligent
> enough as to forget the root password. This means that given the
> installation CD and an account on any machine machine, obtaining root
> privileges is a possible but a little laborious.
One thing to remember, is that security includes physical security. You
don't let anyone have physical access to servers etc., that's not supposed
to. You can also protect desktop systems, by disabling booting from CDs
and then locking the case, so someone can't get to that jumper.
While we're at it, there's nothing to stop someone from booting a live Linux
CD and getting full access to a Windows disk.