Re: ***HUGE*** security hole??!! (Re: Lost root passwd)
On Sat, 10 Oct 1998, Norbert Nemec wrote:
> Ouch, I tried it, it really works!!!! That means on a standard
> Linux-machine, everybody could just switch off the power, give the
> LILO-kernel option on reboot and be root??!! Why not simply drop the
> need of a login password?
Anyone with physical access to a machine should be expected to be able to
gain root access at any time. Same goes for Solaris, etc. As long as the
computer has a CD-ROM that can be booted or a floppy that can be
automounted, you can gain root access.
George Bonser
The Linux "We're never going out of business" sale at an FTP site near you!
Reply to: