Disable security

ionmich · July 10, 2020, 4:01pm

XFCE in use.

Is there a simple way to disable all security?

Thanks in advance.

nrickert · July 10, 2020, 4:17pm

To disable all security, just run Windows instead of openSUSE

Your question is really too vague, because “all security” is too broad to make sense.

hcvv · July 10, 2020, 5:02pm

Likewise I would say: log in as root and set it on a table in the main square of the neartest town.

tsu2 · July 10, 2020, 7:10pm

Aside from humorous responses,
You can maybe start by doing the opposite of recommended security practice…

openSUSE documentation provides documentation on how to secure your system…
https://doc.opensuse.org/documentation/leap/security/html/book-security/cha-security.html#sec-security-overview

So,
You could do stuff like
Install only a root User account with a blank password
Uninstall or disable AppArmoer and SELinux
Disable or uninstall firewalls
Disable access to repos (so no updating possible)
Lots of network broadcasts and multicasts.
Etc.

This actually isn’t an entirely crazy question…
images of systems like Metasploitable exist to practice exploiting victims.

TSU

hcvv · July 10, 2020, 7:26pm

I would say your answer is as humorous as ours.

deano_ferrari · July 10, 2020, 11:41pm

…and potentially more dangerous.

brunomcl · July 11, 2020, 1:33am

I’m curious, why would you want to do that?

brunomcl · July 11, 2020, 1:35am

Ah, just saw your other post about losing access to you passwords.

tsu2 · July 11, 2020, 6:14am

One could be the use case I described… to practice running exploits to test systems.

Of course, no one should knowingly use an insecure system for normal use.

But baby hackers/crackers won’t grow up to be security White Hats with an understanding of their opponents unless they have a victim to whack while learning.
And yes… maybe do some practice cracking.

TSU

dcurtisfra · July 11, 2020, 7:28pm

Given openSUSE and, the Repository Patterns, even if you attempt to install a really minimal system, you’ll be left with the following:
patterns-base-base - Minimal Base System: needs:shadow
util-linux
openssh
polkit
which
kbd
polkit-default-privs
pattern() = minimal_base

patterns-base-minimal_base - Minimal Appliance Base: needs:coreutils
systemd
aaa_base
bash
e2fsprogs
glibc
zypper
rpm
device-mapper
pam
procps
dracut
filesystem
distribution-release
sysconfig
kmod
kbd
system-group-hardware
system-user-nobody
openSUSE-build-key
[HR][/HR]In other words, whether you want it or not, you’ll have to live with the PolicyKit and, the passwd Shadow.

OK, you could try removing the polkit package and then locking it to prevent it being reinstalled …
Ditto the shadow package – which looks after encrypting the user’s passwords …

Then, you could attempt to add patterns to your basic security-less system, to make it a little bit more useful but, I suspect that package dependencies will prevent your attempts from being successful …