On 18/01/2026 17:32, G.W. Haywood wrote:
> In the case of BackupPC I'm not sure how easy it would be to arrange
> for these conditions to be met, but it could theoretically be achieved
> by getting BackupPC to back up or recover a crafted file.  (If users
> can e.g. run a compiler on the server they can alternatively download
> vulnerable code (any vulnerable code, not just zlib) and build it.
> Then they can do what they like with it.  I've done that for example
> to hack into a Debian box when the owner forgot the root password.

In my experience it is much easier to boot into a live distro from external media (DVD, USB stick, etc), mount the original system disk and then just zap the entry in /mnt/etc/passwd. Rule of thumb: if you have physical access to the hardware, the machine is yours.

All of the above assumes that the system disk is not encrypted *and* its encryption key has not been lost. If it is lost, you're screwed - to use a technical term.

Paul

