Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!emory!wa4mei!holos0!wdh
From: wdh@holos0.uucp (Weaver Hickerson)
Newsgroups: comp.unix.internals
Subject: Re: Getting to root when the password has been lost
Message-ID: <1990Oct10.150848.3143@holos0.uucp>
Date: 10 Oct 90 15:08:48 GMT
References: <15807@shlump.nac.dec.com> <12@tdatirv.UUCP>
Organization: Holos Software, Inc., Atlanta, GA
Lines: 16
Eepeep: WHAT, Noname?

I missed the first part of this thread, but it appears that someone is
trying to be root but nobody knows the root passwd.  Happened to me one
time on an NCR Tower due to the fact that, if /etc/passwd had a blank line
as line one, nobody could login  (or was it that everybody could login as
root, or...)  anyway, I did a find and found a file that was setuid,
belonged to root, and was writable by me.  I wrote a small 'C' program to
change the permissions on /etc/passwd to rw-rw-rw (temporarily, of course),
linked the program, cat'ted that into the setuid file, and voila.  Edit the
passwd file, fix it, chmod, away we go...  Luckily I was on a development
system, and some of the software used root setuid.  Maybe you're as lucky.

Good luck

Weaver
-- 
-Weaver Hickerson   Voice (404) 496-1358   :  ..!edu!gatech!holos0!wdh