Date: Tue, 03 Apr 2001 11:32:53 -0700 From: Crist Clark <cjclark@alum.mit.edu> To: Craig Cowen <craig@allmaui.com> Cc: freebsd-security@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Subject: Re: su change? Message-ID: <3ACA1755.7C98C5@alum.mit.edu> References: <005401c0bc63$7cb36650$0202a8c0@majorzoot> <001f01c0bc68$681a2b20$1200a8c0@gsicomp.on.ca> <20010403140935.F9618@pir.net> <3ACA12FF.F4000B95@allmaui.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-stable cut from CC-list. -security almost cut.] Craig Cowen wrote: > > FALSE! If you have the boot prom set not to allow booting from cdrom, you're > bummin' Then just enable it again. Jeesh. It's more fun if the system has no CDROM, tho' (or floppy to boot up OpenBSD). Ever tried to setup a netboot into single-user just to access a messed up Sun box? If you've put a password in the boot PROM and forgotten that however, you are fscked. Time to buy a new chip! > > Matthew Emmerton <matt@gsicomp.on.ca> probably said: > > > Just consider your friend lucky - doing similar things to the root account > > > on any enterprise UNIX (UnixWare, Solaris, AIX) could require a complete > > > reinstall - especially if it's running C2-level security. If you're running a trusted system, is root even that special anymore? Messing up root should be just like messing up any other account. > > False. > > > > Solaris, certainly, would just require booting from cdrom, mounting / > > and editing the password file. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ACA1755.7C98C5>