Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Running Linux and Windows on a Single Box
- Date: Tue, 11 Apr 2006 23:48:30 -0700
- From: Walter Hansen <gandalf@example.com>
- Subject: Re: [tlug] Running Linux and Windows on a Single Box
- References: <443B96BA.4040705@example.com> <20060411123730.5d91d1e9.jep200404@example.com> <17468.31937.564279.394669@example.com> <20060412015319.37d0c484.jep200404@example.com>
- User-agent: Thunderbird 1.5 (Windows/20051201)
Jim wrote:
Viktor Pavlenko wrote:J> When Windows is corrupted, it has access to Linux partitions J> and so can in turn corrupt Linux. Any real life examples?"J" == Jim <jep200404@example.com> writes:I have never heard of any and do not expect to.Walter Hansen wrote:Since windows in not capable of reading Linux partitions I would find it nearly impossible for Windows to corrupt Linux.That Windows is not natively able to grok Linux partitions is irrelevant to an attacker being able to use corrupted Windows to attack Linux partitions. Windows has control of the hardware. An attacker could access any sectors on any hard drive they cared to. It could be crude. Look for some sectors _anywhere_ on the drive that match some pattern, such as one might expect in /bin/login for example, and replace those sectors with a modified /bin/login. Another way would be for the attacker to run a Linux, such as colinux, as a tool within the corrupted Windows, to grok Linux partitions. Even if the corrupted Windows could not understand Linux partitions, any sectors could be sent elsewhere for analysis and the same elsewhere could return sectors to be written. I'm thinking of something vaguely like NFS or iSCSI. My general understanding is that once an OS is corrupted, that all hard drive content is vulnerable, regardless of what the BIOS tells the OS, but I am ignorant of how strong the hide boot stuff is that Edward wrote about, so I have to defer to him on that. Edward's recommendation to encrypt the Linux partitions and boot from read-only media makes sense. It might not prevent vandalism, but it would certainly prevent secrets (such as in /etc/shadow) from being revealed.Jim
Ahhh, you mean hacked as I would put it. Yes that would be possible. Highly unlikely, but possible. It would take a very knowledgeable hacker/cracker with the time to spend on that particular system. Of course they could just waste the hard drive in general and that would be much easier and wouldn't require a lot of intelligence.
At least to me corrupted means degraded so as to be destructive to itself. It would be very unlikely for a windows partition to mess up so badly that it messed up a linux partiton. It is remotely possible.
- Follow-Ups:
- Re: [tlug] Running Linux and Windows on a Single Box
- From: Joe Larabell
- Re: [tlug] Running Linux and Windows on a Single Box
- From: Alain Hoang
- Re: [tlug] Running Linux and Windows on a Single Box
- References:
- [tlug] Need purchasing advice for a linux compatible desktop
- From: Joseph Essertier
- [tlug] Running Linux and Windows on a Single Box (was Need purchasing advice for a linux compatible desktop)
- From: Jim
- Re: [tlug] Running Linux and Windows on a Single Box (was Need purchasing advice for a linux compatible desktop)
- From: Viktor Pavlenko
- Re: [tlug] Running Linux and Windows on a Single Box
- From: Jim
- [tlug] Need purchasing advice for a linux compatible desktop
- Prev by Date: Re: [tlug] Running Linux and Windows on a Single Box
- Next by Date: Re: [tlug] Need purchasing advice for a linux compatible desktop
- Previous by thread: Re: [tlug] Running Linux and Windows on a Single Box
- Next by thread: Re: [tlug] Running Linux and Windows on a Single Box
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |