[236] in linux-security and linux-alert archive
Re: LILO hole
daemon@ATHENA.MIT.EDU (Andrew Hughes)
Tue May 16 04:10:44 1995
From: Andrew Hughes <andrewh@muddcs.cs.hmc.edu>
To: jcgreen@fire.com (Jon Green)
Date: Wed, 3 May 1995 10:27:54 -0700 (PDT)
Cc: dblanken@Paranor.pc.cc.cmu.edu, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199504280320.WAA16509@fire.fire.com> from "Jon Green" at Apr 27, 95 10:20:26 pm
>
> Actually, this is pretty simple to fix. I have this in /etc/inittab:
>
> # Shell to run in single user mode.
> su:S:wait:/sbin/sulogin
>
That's very nice, but it seems to me that this is just another demo of the
fact that if someone can get to your console long enough, they can break
your machine. If you have sulogin and all such, that's very nice, but I'll
bet that 90%+ of the Linux boxes out there can be trivially rebooted with a
floppy, at which point I mount your harddrive and have at it. Not really a
hole, just a fact of life. You've got to keep the machine physically secure
from people yuo don't trust.
AndrewH
[Mod: There have been quite a few "beating a dead horse" submissions to
the list regarding things like hacking root by booting from a floppy and
mounting the hard drive. This sort of thing is a well-known
vulnerability with PC's, and though you can try protecting yourself from
it by reordering the boot sequence, adding a BIOS password, etc.,
there's no real *sure-fire* way to protect yourself from people that
have physical access to your machine(s)--it's just an ugly fact. Please
let's let this thread die... --Jeff.]
