On 6/21/06, Joco Salvatti <[EMAIL PROTECTED]> wrote:
Let's suppose an attacker entered the room where an OpenBSD server is
why didn't you lock the door?
located in, and by mistake the system administrator has forgotten to logout the root login session. So the attacker could enter in single user mode, without the need for the root password, and load a malicious kernel module. He also could do millions of other things, but changing root's password, because the system administrator would notice it immediatelly. I believe it could be more difficult for the attacker if there were a different password to log in the system in single user mode.
or the attacker could take his super 1337 hax0rix0ragizzlerotfl usb key out of his pocket, plug it in, and boot from that. really, it's very simple: if you don't control access to the server, you don't control the server.
