On Fri, 2003-03-14 at 14:39, Jason Straight wrote: > > I disagree, i don't think that if you go into single user mode that you > > should be root. You should still have to log in. The argument that someone > > has physical access to your computer thus making it your problem and not an > > exploit is IMHO fallacious. No one should be able to get root that easily. > > So set a bios password or a bootloader password if you are worried about > physical security, because simply having someone not log in as root by single > mode won't save you from a bootdisk anyway. > > Having a password in single mode would be useless as a means of physical > security. > > Set your bios with a pw (edit pw, not a boot pw - after all you don't want to > have to enter a pw every time you boot - that sucks), set your bios to only > boot from HD. > > Now in lilo set it restricted so that someone with physical access can't give > options to lilo bootparams without supplying a password. > > Now no one can use a bootdisk to get around OS security, and no one without > the password can boot single mode. Problem solved.
Not entirely. You also have to lock your case shut somehow to stop someone opening it up and flicking the BIOS reset... Anyway, in regards to the original bug, this isn't purely a local exploit, surely? Doesn't it also apply to someone ssh'ing in from a remote site? i.e., I could give a simple user account to someone in Australia, thinking it's safe, and they could then ssh in and use this exploit to get a root shell? -- adamw
