Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!know!theep!isomr!bma35b!alex
From: alex@bma35b.ma02.bull.com (Alex Bottonelli @Bull Italia FLM Newton Mass. USA)
Newsgroups: comp.unix.sysv386
Subject: Re: HELP root password unknown
Summary: Options for regaining access to a system
	 when root password is lost ...
Message-ID: <23@bma35b.ma02.bull.com>
Date: 6 Dec 90 18:22:21 GMT
References: <1990Nov20.094505.896@ceres.physics.uiowa.edu> <28378@usc>
Organization: FLM Newton Unix Support
Lines: 31

In article <28378@usc>, kjh@pollux.usc.edu (Kenneth J. Hendrickson) writes:
> In article <1990Nov20.094505.896@ceres.physics.uiowa.edu> rlm@ceres.physics.uiowa.edu writes:
> >Someone (a hacker I suppose) has changed the root password on our ESIX system 
> >- is it possible to access the system to reset this?
> 
> I HOPE NOT.  If there is, then all ESIX systems are terribly insecure.
> ...
> ... 
> In addition, how do we know that you aren't some hacker trying to
> compromise some ESIX system?  :-)
> 

Well if you are not an hacker and you have physical access to the machine,
all unix systems I have played with, so far, can boot a minimal unix kernel
from floppy. If you can do that, you can mount the hard disk root partition,
say under /mnt and do:

		# /mnt/bin/ed /mnt/etc/passwd
		  *blank out the password field for root*
		
		  *reboot from hard disk*
		  *immediately reassign a known password to root*

Easy, isn't it?

     ____        ___ 		||  Alessandro Bottonelli
    /   /  /    /    |/		||  Bull Hn Italia
   /---/  /    /---  /		||  141 Needham St. - Ms 213
  /   /  /___ /___  /|		||  Tel. xx1-617-552-6471
_____________________)		||  Fax. xx1-617-552-5318
				||  Net. ..!uunet!hbiso!bma35b!alex