From owner-freebsd-questions@freebsd.org Thu Feb 28 15:00:25 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CEF1A150A996 for ; Thu, 28 Feb 2019 15:00:25 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from kicp.uchicago.edu (kicp.uchicago.edu [128.135.20.70]) by mx1.freebsd.org (Postfix) with ESMTP id DFDE76E98F for ; Thu, 28 Feb 2019 15:00:24 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from point.uchicago.edu (point.uchicago.edu [128.135.52.6]) by kicp.uchicago.edu (Postfix) with ESMTP id 1BA9E718057 for ; Thu, 28 Feb 2019 09:00:18 -0600 (CST) Subject: Re: possible vulnerability To: freebsd-questions@freebsd.org References: From: Valeri Galtsev Message-ID: Date: Thu, 28 Feb 2019 09:00:17 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: DFDE76E98F X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dmarc=fail reason="" header.from=uchicago.edu (policy=none) X-Spamd-Result: default: False [-0.54 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.56)[-0.555,0]; DMARC_POLICY_SOFTFAIL(0.10)[uchicago.edu : No valid SPF, No valid DKIM,none]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.44)[-0.436,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; IP_SCORE(-0.01)[country: US(-0.07)]; NEURAL_SPAM_SHORT(0.37)[0.373,0]; MX_GOOD(-0.01)[kicp.uchicago.edu]; RCVD_IN_DNSWL_NONE(0.00)[70.20.135.128.list.dnswl.org : 127.0.10.0]; R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:160, ipnet:128.135.0.0/16, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Feb 2019 15:00:26 -0000 On 2/28/19 8:00 AM, Albin Lidén wrote: > Please do forward this to the right team > > Wzup u BSD-govs! > I just thought about something related to BSD/UNIX and Linux security > What would happen if a user did execute a script which put the system into > a single user mode during when the OS i completely in multi-user-mode Do we have a troll again? One has to know what level of privileges one has to have to do this or that before offering "insight" BS like this one IMHO. Valeri > > that would lockup the passwd for the root to change his password WITHOUT > having it > > wouldn't that be a risky action, by a possible hacker > maybe even a vulnerability, if you have forgotten to lock the mode when in > multi-user sufficiently > > if the user just went into that mode, without any root shell he would be > root and he would have access to mount and also to passwd > > just pondering about this, realized it could be a possible backdoor or > other way round the otherwise strict security > > no need to reply, simply check this, if you believe I could be right > > another possible way around security would be to reload the freebsd boot > loader, but NOT reboot the system. then run in single user mode > > such as nintendo once had a bug which allowed exploits to access the > 3ds-mode, when it was unlocked, 3ds roms may be ran without restrictions > > thank u guys > have a good one! > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++