Behavior of RBAC offline

Submit your RBAC policies or suggest policy improvements

Moderators: spender, PaX Team

Behavior of RBAC offline

Postby evilangel » Tue Feb 10, 2009 5:15 am

Hey all,

If:
1/ I deploy RBAC on the filesystem of a server
2/take the harddrive hosting the OS with RBAC out
3/plug-it on another machine, as an extra storage (not as the OS of the machine)

I imagine RBAC is bypassed, right ?

Only ciphering harddrive would fit to avoid data leakage in such a case, no ?

Thanks
evilangel
 
Posts: 59
Joined: Thu May 15, 2008 7:57 pm
Location: France

Re: Behavior of RBAC offline

Postby cormander » Tue Feb 10, 2009 10:59 am

Yes, but this requires physical access to the machine. Mounting up a drive like your saying will bypass any software security system, and even ciphering a harddrive offers little protection against an experienced hacker; google "cold boot attck" (http://en.wikipedia.org/wiki/Cold_boot_attack has some general info)
cormander
 
Posts: 154
Joined: Tue Jan 29, 2008 12:51 pm
Location: Utah

Re: Behavior of RBAC offline

Postby evilangel » Wed Feb 11, 2009 11:35 am

Thanks Cormander
evilangel
 
Posts: 59
Joined: Thu May 15, 2008 7:57 pm
Location: France


Return to RBAC policy development