[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Root password change

To: Valdis.Kletnieks@xxxxxx
Subject: Re: [Full-disclosure] Root password change
From: gboyce <gboyce@xxxxxxxxxxxx>
Date: Fri, 31 Mar 2006 12:33:28 -0500 (EST)

On Fri, 31 Mar 2006, Valdis.Kletnieks@xxxxxx wrote:

On Fri, 31 Mar 2006 09:21:13 EST, Michael Holstein said:

Trivial to defeat.  Just boot in to single user mode with these kernel
options:
        single init=/bin/bash


Again .. only due to initial misconfiguration.

Nobody should allow alternate switches to be passed to the kernel at
boot .. either by password-protecting the bootloader, or via firmware
(as with OpenBoot).


Of course, if you're that paranoid, you *did* configure whatever the machine
uses for a BIOS to only boot off the intended hard drive, right? ;)

In which case the person needs to remove the hard drive, and put it into adifferent system for the modifications (or mirroring).

For the most part, if an attacker has physical access to the hardwareitself, you just lose.


--
Greg

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Root password change
  - From: Valdis . Kletnieks

References:
- Re: [Full-disclosure] Root password change
  - From: Valdis . Kletnieks

Prev by Date: Re: [Full-disclosure] Root password change
Next by Date: Re: [Full-disclosure] Root password change
Previous by thread: Re: [Full-disclosure] Root password change
Next by thread: Re: [Full-disclosure] Root password change
Index(es):
- Date
- Thread