Hi there,
On Mon, 19 Jan 2026, Paul Leyland wrote:
On 18/01/2026 17:32, G.W. Haywood wrote:
> ...
> ... If users
> can e.g. run a compiler on the server they can alternatively download
> vulnerable code (any vulnerable code, not just zlib) and build it.
> Then they can do what they like with it. I've done that for example
> to hack into a Debian box when the owner forgot the root password.
In my experience it is much easier to boot into a live distro from
external media (DVD, USB stick, etc), mount the original system disk and
then just zap the entry in /mnt/etc/passwd.
Let's not get side-tracked. My point was don't worry about things
just because they've popped up in the news, there are more ways to
kill a cat than choking it to death with a pound of best butter.
Rule of thumb: if you have physical access to the hardware, the
machine is yours.
The box is probably yours, also, if you can run a compiler on it. If
the vulnerable code isn't on there to build, you can write some. My
example was a remote machine, and yes, encrypted filesystems. I just
transferred some code to it, compiled it, and ran it to get root. It
was six commands at the 'bash' prompt and it took under three minutes.
A reboot would have taken longer and would have been visible to other
users - for some reason the owner of the box wasn't too keen on that.
There's a tendency for people to rush around shouting about new CVEs
and in the process to forget about the basics. Locking down access
has to be pretty high on the list of things to consider.
--
73,
Ged.
_______________________________________________
BackupPC-users mailing list
[email protected]
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: https://github.com/backuppc/backuppc/wiki
Project: https://backuppc.github.io/backuppc/
