Full Disclosure mailing list archives
Re: Root password change
From: gboyce <gboyce () badbelly com>
Date: Fri, 31 Mar 2006 12:33:28 -0500 (EST)
On Fri, 31 Mar 2006, Valdis.Kletnieks () vt edu wrote:
On Fri, 31 Mar 2006 09:21:13 EST, Michael Holstein said:Trivial to defeat. Just boot in to single user mode with these kernel options: single init=/bin/bashAgain .. only due to initial misconfiguration. Nobody should allow alternate switches to be passed to the kernel at boot .. either by password-protecting the bootloader, or via firmware (as with OpenBoot).Of course, if you're that paranoid, you *did* configure whatever the machine uses for a BIOS to only boot off the intended hard drive, right? ;)
In which case the person needs to remove the hard drive, and put it into a different system for the modifications (or mirroring).
For the most part, if an attacker has physical access to the hardware itself, you just lose.
-- Greg _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Root password change Mockbee, Tom (Mar 30)
- Re: Root password change Michael Holstein (Mar 30)
- Re: Root password change Chris Adams (Mar 30)
- Re: Root password change spam (Mar 30)
- Re: Root password change Michael Holstein (Mar 30)
- Re: Root password change Anders B Jansson (Mar 30)
- Re: Root password change Kerry Thompson (Mar 30)
- Re: Root password change Gary E. Miller (Mar 30)
- Re: Root password change Michael Holstein (Mar 31)
- Re: Root password change Valdis . Kletnieks (Mar 31)
- Re: Root password change gboyce (Mar 31)
- Re: Root password change Valdis . Kletnieks (Mar 31)
- Re: Root password change gboyce (Mar 31)
- Re: Root password change Michael Holstein (Mar 30)