That is correct. Unless you gain root access to the SmoothWall machine, you have no shell, therefore no access to the passwords. If a hacker manages to gain root access, he has full control of the box regardless, therefore access to everything.
As I have mentioned, there have been no successful hacks of an un-modified SmoothWall to date.
People need to remember that SmoothWall is not a Linux distro, as such. It is a task-oriented device - a firewall. It does not run as a multi-user system, as do other Linux distros. It does not have users with shell access other than root. It is not a "distro" it is a "device".
Regards,
HiltonT
Hi,
I was in #smoothwall at that time too. I agree with Hellcore's comments - the "reviewer" came on and refused to admit he was writing an article, had an obvious agenda, and failed to listen to anything that anyone said.
The fact that SmoothWall is designed to protect your LAN **from** the Internet was ignored. SmoothWall was not designed to protect your LAN **from** internal users. Regardless of this, there is only a single account that has a shell - "root" - and shadowing passwords and hiding passwords from this user is next to useless.
If someone manages to gain shell access to the SmoothWall machine, they already have root access. Your box is gone. Just remember that this has not happened. There have been no known successful hacks on an un-modified SmoothWall.
Secure? Yes, it is.
Regards,
HiltonT
Slashdot Mirror
That is correct. Unless you gain root access to the SmoothWall machine, you have no shell, therefore no access to the passwords. If a hacker manages to gain root access, he has full control of the box regardless, therefore access to everything. As I have mentioned, there have been no successful hacks of an un-modified SmoothWall to date. People need to remember that SmoothWall is not a Linux distro, as such. It is a task-oriented device - a firewall. It does not run as a multi-user system, as do other Linux distros. It does not have users with shell access other than root. It is not a "distro" it is a "device". Regards, HiltonT
This is lame. Really lame.
Hi, I was in #smoothwall at that time too. I agree with Hellcore's comments - the "reviewer" came on and refused to admit he was writing an article, had an obvious agenda, and failed to listen to anything that anyone said. The fact that SmoothWall is designed to protect your LAN **from** the Internet was ignored. SmoothWall was not designed to protect your LAN **from** internal users. Regardless of this, there is only a single account that has a shell - "root" - and shadowing passwords and hiding passwords from this user is next to useless. If someone manages to gain shell access to the SmoothWall machine, they already have root access. Your box is gone. Just remember that this has not happened. There have been no known successful hacks on an un-modified SmoothWall. Secure? Yes, it is. Regards, HiltonT