Re: [Full-disclosure] Root password change
- From: gboyce <gboyce@xxxxxxxxxxxx>
- Date: Fri, 31 Mar 2006 12:33:28 -0500 (EST)
On Fri, 31 Mar 2006, Valdis.Kletnieks@xxxxxx wrote:
On Fri, 31 Mar 2006 09:21:13 EST, Michael Holstein said:Trivial to defeat. Just boot in to single user mode with these kernel
options:
single init=/bin/bash
Again .. only due to initial misconfiguration.
Nobody should allow alternate switches to be passed to the kernel at
boot .. either by password-protecting the bootloader, or via firmware
(as with OpenBoot).
Of course, if you're that paranoid, you *did* configure whatever the machine
uses for a BIOS to only boot off the intended hard drive, right? ;)
In which case the person needs to remove the hard drive, and put it into a different system for the modifications (or mirroring).
For the most part, if an attacker has physical access to the hardware itself, you just lose.
--
Greg
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] Root password change
- From: Valdis . Kletnieks
- Re: [Full-disclosure] Root password change
- References:
- [Full-disclosure] Root password change
- From: Mockbee, Tom
- Re: [Full-disclosure] Root password change
- From: Michael Holstein
- Re: [Full-disclosure] Root password change
- From: spam
- Re: [Full-disclosure] Root password change
- From: Kerry Thompson
- Re: [Full-disclosure] Root password change
- From: Gary E. Miller
- Re: [Full-disclosure] Root password change
- From: Michael Holstein
- Re: [Full-disclosure] Root password change
- From: Valdis . Kletnieks
- [Full-disclosure] Root password change
- Prev by Date: Re: [Full-disclosure] Root password change
- Next by Date: Re: [Full-disclosure] Root password change
- Previous by thread: Re: [Full-disclosure] Root password change
- Next by thread: Re: [Full-disclosure] Root password change
- Index(es):
Relevant Pages
|
