On Sat, Nov 15, 2003 at 07:38:40PM -0800, Mark Knecht wrote:
> On Sat, 2003-11-15 at 13:39, Ric Messier wrote:
> > Bit of a red herring, actually. If I can walk up to your system, it won't
> > matter whether I can hit Ctrl-Alt-Bksp to get into your account or not. If I
> > have physical access to your box, I own it. Period.
> >
> > Ric
>
> OK, I'll bite. How?
>
> My work box is locked in a closet. The monitor, keyboard and mouse are
> available. The screensaver is locked. I've turned on DontZap and
> DontVtSwitch. I hand you the keyboard and mouse. What can you do?
>
> - Mark
That certainly makes it harder. You didn't mention that physical
access was limited in this way before, right?
Do you have MAGIC_SYSRQ compiled into your kernel? If
so, it is possible to reboot the machine, and then if whatever
you have installed in the MBR doesn't prevent it somehow, it
would be possible to boot up with init=/bin/sh, thereby providing
root access without the need for a password.
Does the closet door have one of those standard inside latches
that can be easily forced open with a credit card?
- richard
--
Richard Kilgore
[EMAIL PROTECTED]
--
[EMAIL PROTECTED] mailing list
