Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!mips!twg.com!david From: david@twg.com (David S. Herron) Newsgroups: comp.unix.sysv386 Subject: Re: HELP root password unknown Message-ID: <8370@gollum.twg.com> Date: 27 Nov 90 03:03:34 GMT References: <1990Nov20.094505.896@ceres.physics.uiowa.edu> <28378@usc> Reply-To: david@twg.com (David S. Herron) Organization: The Wollongong Group, Palo Alto, CA Lines: 41 In article <28378@usc> kjh@pollux.usc.edu (Kenneth J. Hendrickson) writes: >In article <1990Nov20.094505.896@ceres.physics.uiowa.edu> rlm@ceres.physics.uiowa.edu writes: >>Someone (a hacker I suppose) has changed the root password on our ESIX system >>- is it possible to access the system to reset this? > >I HOPE NOT. If there is, then all ESIX systems are terribly insecure. >I hope you have to have each user backup their stuff, and re-load the OS >off of the original disks and/or tapes. I hope this not to wish you a >terrible lot of work, but because I am thinking about ESIX, and I >wouldn't want such an insecure system. Now now now.. calm down. For eons and eons (maybe since even the Epoch (1-Jan-70)) there have been numerous ways of getting priveledged access to systems if you have physical access. Sometimes with the help of the distribution media. On Vaxen you'd press BREAK (or sometimes ^P) and then some variant of the "b" (or boot) command will bring you to "single user". (single-user means you have a "root shell" which is the only thing running in the system) On Sun's you press L1-A and then "b -s" and you again go to single-user. On most SysV's I'm familiar with you take the first floppy from the distribution set (the boot floppy) & boot it. Then during the initial messages you hit the interrupt character (DEL usually..) and you're dropped to a single-user shell. All this is documented in the relavent manuals &so I don't see that it's any great security risk to let the information out. Besides, if someone has physical access to your system they could do something as "gross" as taking the physical machine somewhere so that they can play with it at their leisure. This is one of the reasons why I don't understand wanting to have *computers* on each desk ... -- <- David Herron, an MMDF & WIN/MHS guy, <- Formerly: David Herron -- NonResident E-Mail Hack <- <- Use the force Wes!