Re: Single user mode

Bart Hartgers (barth@stack.nl)
Wed, 15 Jan 1997 14:16:03 +0100 (MET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul Wouters: "2.0.28, "Link is down" still trashes machine."
Previous message: Jes Degn Soerensen: "Re: another 2.1.21 compile problem"

At a certain point in time&space, daniel riek wrote:
>
> Hi!
>
> George B. Winston IV wrote:
> >
> > Sorry for the lame question, but I think my system was hacked and all
> > of the passwords changed. I can't even log-in as root.
> >
> > Is it possible to boot in single user mode and change root's
> > password? If so, How do you boot in single user mode and change
> > root's password.
> That seems to depend on the Distrib. you installed. In general every
> boot-prompt-option, that lilo and the kernel don't understand, is passed
> to the Process with Id 1 (Init). And Init takes the runlevel to start
> with, as an argument. So on Redhat 4 (SysV-like-Init) it's possible to
> start in single-user-mode with:
>
> lilo>linux 1
>
>
> Besides this is a major security hole, as it is much easier and faster
> to hack a linux-box via this trick, than by using an boot-/root-disk.
>
> Greetings, Daniel
> ---
>
What security hole? It requires physical access to the console. At the
console, you can also (pick 1 or all 5)
- shutdown/reboot the machine
- switch off
- open the box
- take out everything
- switch on again :-)

If you give potential hackers access to the machine, all bets are off with
any kind of machine, except maybe a large block of concrete.

Bart

-- 
// Bart Hartgers  <bart@oke.nl>  <A.Hartgers@stud.tue.nl>  <barth@stack.nl>
// Snail: Jan tooropstraat 39/42 5642AJ - Eindhoven - The Netherlands
// Voice: ++31-402815565                      Finger: barth@turtle.stack.nl 
// Unsolicited Commercial E-mail is NOT appreciated!

Next message: Paul Wouters: "2.0.28, "Link is down" still trashes machine."
Previous message: Jes Degn Soerensen: "Re: another 2.1.21 compile problem"