I know several ways to get root with physical access, but I didn't know about using lilo like this or how to secure it. This is useful if you have linux workstations and want to make sure employees/users can't do things they shouldn't.
Most of us know to set a bios/prom password so users can't boot floppy or CD to get access. This type of information won't protect us from a ruthless blackhat, but will help keep authorized users inline. Dusty > You didn't know that? > > There's numerous ways to root a box you haev physical access to. > Basically, if an attacker has physical access, you're 0wn3d buddy. > > linux single > linux 1 > *(Above two won't work on some distros, slack comes to mind as it's > sulogin requires a root pw) > > linux init=/bin/bash (completly bypass normal startup and spawn a root > shell, no login needed) > > Use a bootdisk > Remove hard drive and mount in a different machine > > If the attacker has physical access, consider yourself screwed (unless > you have an encrypted FS that requires a passphrase at startup). > > --MonMotha > > (quote cut because it was really long) > > _______________________________________________ > LUAU mailing list > [EMAIL PROTECTED] > http://videl.ics.hawaii.edu/mailman/listinfo/luau
