On Tuesday 23 December 2003 12:40, Sthitaprajna wrote: > On Tue, 23 Dec 2003 11:21:47 +0800, "Ganesan Kanavathy" > > <[EMAIL PROTECTED]> said: > > I have one incident last week that on my client PC someone has deleted > > the > > whole partition and the apache directory. Possibly he have known the root > > password. > > You dont need a root password to do something like that. There are > multiple vulnerabilities in software included with a Linux distro, and > also with Linux kernels, that allow people to break into and delete > stuff. Also, insecure configurations help breakins.
Most of all, if user has physical access to machines, he can probably boot it in single user mode without much of efforts. Not too many lilo installations are protected against it. There are few distro.s which need authentication even in single user mode but if single user mode is reached without authentication then all hell is loose anyways.. Secondly, I assume it was not a dual boot box, from earlier description. If it is, one can just boot in windows and delete linux partitions.. Similarly booting from a linux CD would do. Shridhar ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
