Need to physically secure a Linux machine
If you run a Linux machine in production, you have to make sure it is physically secured. Anyone who can physically access the machine effectively has access at the root level, because in Linux the kernel boot options can be changed before the system boots. This is particularly easy if the machine is dual-bootable. To make the change, one would:
1. Highlight the Linux installation in the list and press “e” to edit
2. Highlight the kernel option and press “e” to edit
3. Add “single” to the end of the line and press enter
4. Select “b” to boot into single-user mode
In a non-dual-boot environment, one would just press “e” during the start-up process to bring up the kernel option.
Taking those four steps will grant someone access to your machine at the root level. At that point, an unauthorized user could do anything they wanted, including changing the password for root. After doing so and rebooting the machine, they could continue their malicious activity either on-site or off-site.
That ability to easily gain full control of a machine, and potentially an entire data network, is why physical security is so important.
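The four steps above work because the boot menu lets anyone at the console edit an entry. As an added example (not from the original page), the shell function below checks whether a GRUB configuration file requires a password before entries can be edited, which is a control the page itself does not cover. The function name, the status labels and the sample menu are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: report whether a GRUB config
# asks for a password before a boot entry can be edited with "e".
# Prints "protected", "unprotected" or "unknown" (labels chosen here).
grub_edit_status() {
    awk '
        /^[ \t]*#/              { next }        # ignore comment lines
        /^[ \t]*title[ \t]/     { legacy = 1 }  # GRUB legacy entry
        /^[ \t]*menuentry[ \t]/ { grub2 = 1 }   # GRUB 2 entry
        # GRUB legacy: only a password line before the first title is
        # global and disables the entry editor. GRUB 2 files never set
        # "legacy", so there a password line anywhere is counted.
        !legacy && /^[ \t]*password(_pbkdf2)?[ \t]+[^ \t]/ { pw = 1 }
        # GRUB 2 enforces passwords only once a superuser is named.
        /^[ \t]*set[ \t]+superusers=.*[A-Za-z0-9]/ { su = 1 }
        END {
            if (legacy)     print (pw ? "protected" : "unprotected")
            else if (grub2) print (pw && su ? "protected" : "unprotected")
            else            print "unknown"
        }
    ' "$1"
}

# Constructed sample: a dual-boot GRUB legacy menu with no password line.
sample=$(mktemp)
cat > "$sample" <<'EOF'
default 0
timeout 5
title Linux
    root (hd0,0)
    kernel /vmlinuz ro root=/dev/sda1
title Other OS
    rootnoverify (hd0,1)
    chainloader +1
EOF
echo "sample menu: $(grub_edit_status "$sample")"
rm -f "$sample"
```

A boot-loader password only closes the menu-editing route; someone with physical access can still boot other media or remove the disk, so the physical controls described above remain necessary.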