Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!usc!apple!snorkelwacker.mit.edu!bloom-beacon!eru!hagbard!sunic!mcsun!unido!pemstgt!ralfi
From: ralfi@pemstgt.PEM-Stuttgart.de (Ralf Holighaus)
Newsgroups: comp.unix.sysv386
Subject: Re: HELP root password unknown
Message-ID: <1990Nov28.100555.20663@pemstgt.PEM-Stuttgart.de>
Date: 28 Nov 90 10:05:55 GMT
References: <1990Nov20.094505.896@ceres.physics.uiowa.edu> <28378@usc>
Organization: PEM Tillmann Basien, Stuttgart, Germany
Lines: 31

kjh@pollux.usc.edu (Kenneth J. Hendrickson) writes:

>In article <1990Nov20.094505.896@ceres.physics.uiowa.edu> rlm@ceres.physics.uiowa.edu writes:
>>Someone (a hacker I suppose) has changed the root password on our ESIX system 
>>- is it possible to access the system to reset this?

>I HOPE NOT.  If there is, then all ESIX systems are terribly insecure.
>I hope you have to have each user backup their stuff, and re-load the OS
>off of the original disks and/or tapes.  I hope this not to wish you a
>terrible lot of work, but because I am thinking about ESIX, and I
>wouldn't want such an insecure system.

>In addition, how do we know that you aren't some hacker trying to
>compromise some ESIX system?  :-)

>-- 

Actually, I think there might be the same possibility as on a SCO system:
Maybe you have an Emergency Boot Disk. Use this disk to bood, mount the
filesystem of the hard disk and modify /etc/passwd there to remove the
password entry of root. Then boot off the hard disk and enter a new passwd
immediately for root.

Rgds
Ralf Holighaus
-- 
Programmentwicklung fuer    Microcomputer |         Ralf U. Holighaus
PO-Box 810165        Vaihinger Strasse 49 |         >> PEM Support <<
D-7000 Stuttgart 80          West Germany | holighaus@pemstgt.PEM-Stuttgart.de
VOICE: x49-711-713045 FAX: x49-721-713047 |      ..!unido!pemstgt!ralfi