Re: securing debian

To: Debian User List <debian-user@lists.debian.org>
Subject: Re: securing debian
From: Remco Blaakmeer <remco@blaakmeer.student.utwente.nl>
Date: Mon, 4 May 1998 15:06:15 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.3.96.980504150229.1088F-100000@blaakmeer.student.utwente.nl>
In-reply-to: <Pine.LNX.3.96.980426124517.15771B-100000@seldon.ormond.unimelb.edu.au>

On Sun, 26 Apr 1998, Chris wrote:

> Just a point of note:
> 
> If your brother has physical access to the machine there is no way you can
> stop him from getting root access.  
> 
> You can increase the difficulty by setting the bios to only boot from HDD
> and then locking the bios - but if he's smart enough that you have to
> worry about the root password, he's going to know how to reset the bios.
> In addition, if you have dos/windoze installed as well, and he can run it,
> he can most likely reset your bios without even taking the case off (use
> one of the numerous bios hacking programs around).

If it is possible to get a Lilo prompt at boot time or to start Linux
using Loadlin, it is much simpler to get root acess than you think. Just
give the argument 'init=/bin/bash' (without quotes) to the kernel and
you'll get a root shell without questions, because the kernel runs bash
(as root) instead of init.

Remco

--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Prev by Date: Program do not fit in a window
Next by Date: Re: What's the storywith 2.0?
Previous by thread: Program do not fit in a window
Next by thread: Telnet Timeouts
Index(es):
- Date
- Thread