Sometime on May 5, passion01 assembled some asciibets to say:
> Someone has thrown a challange to login in linux without knowing the
> loginname or password at all. Is it really possible?
Is the system secure? There are various ways of doing this depending on
the level of security.
1. At LILO prompt, type linux 1 or linux single.
- if LILO is protected, it could ask for a password at this point.
- if it doesn't, it will boot up into single user mode
- if inittab calls sulogin, it could ask for root password after booting
- if it doesn't, you have a root shell - this obviously means a lax
sysadmin
2. If option 1 doesn't work, then boot from a floppy, figure out which
is the root file system and mount it. chroot to the root system.
At this point you could choose to disable security mechanisms that
prevented option 1, or change passwords, or mount all other file systems
and do whatever you wanted to do, since you have a root shell
This can be prevented by
- blocking floppy boots from BIOS, and setting a BIOS password.
- or using encrypted file systems
3. Open the computer, take out the hard disk, take it home, work on it
at your own pace, and do what you want to it.
--
"Boy, life takes a long time to live."
-- Steven Wright
_______________________________________________________________
Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
