[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ***HUGE*** security hole??!! (Re: Lost root passwd)

On Sat, 10 Oct 1998, Norbert Nemec wrote:

> Ouch, I tried it, it really works!!!! That means on a standard
> Linux-machine, everybody could just switch off the power, give the
> LILO-kernel option on reboot and be root??!! Why not simply drop the
> need of a login password?

Anyone with physical access to a machine should be expected to be able to
gain root access at any time. Same goes for Solaris, etc. As long as the
computer has a CD-ROM that can be booted or a floppy that can be
automounted, you can gain root access. 

George Bonser

The Linux "We're never going out of business" sale at an FTP site near you!

Reply to: