| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050716195516.GA5645@mordor.angband.thangorodrim.de>
Date: Sat, 16 Jul 2005 21:55:16 +0200
From: als@...ngorodrim.de
To: Sumy <sanandres@...il.com>
Cc: FULLDISC <full-disclosure@...ts.grok.org.uk>,
SBUGTRAQ <bugtraq@...urityfocus.com>
Subject: Re: Rooting Linux with a floppy
On Thu, Jul 14, 2005 at 04:23:31PM -0800, Sumy wrote:
> You have lost your root password on your linux box and now you
> consider formatting
> everythign to regain control? Your admin is a moron that leaves the
> server available
> physically for everybody? You wanna test your Linux box? Don't worry
> if you have at least
> a floppy rescue disk under hand,you can root it ;-) )
>
> The problem with the new version of Linux since 6.2 is :
> http://www.exploitx.com/69/rooting-linux-with-a-floppy/
*yawn*
This was old news 10 years ago.
Unless you are facing a very special setup (for instance crypto disks
even for system installation), you can easily take over most UNIX systems
if you are able to boot from a medium of your choice.
That's why physical security is important too.
As a rule: You usually can take control of any system provided you have
sufficient physical access to it.
BTW: there are plenty of errors and omissions in the web page
advertised by you.
Regards,
Alex.
--
"Opportunity is missed by most people because it is dressed in overalls and
looks like work." -- Thomas A. Edison
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists