On 6/21/06, Joco Salvatti <[EMAIL PROTECTED]> wrote:
> Let's suppose an attacker entered the room where an OpenBSD server is

why didn't you lock the door?

> located in, and by mistake the system administrator has forgotten to
> log out of the root login session. So the attacker could enter in single
> user mode, without the need for the root password, and load a
> malicious kernel module. He also could do millions of other things,
> but changing root's password, because the system administrator would
> notice it immediately.
> I believe it could be more difficult for the attacker if there were a
> different password to log in the system in single user mode.

or the attacker could take his super 1337 hax0rix0ragizzlerotfl usb
key out of his pocket, plug it in, and boot from that.

really, it's very simple: if you don't control access to the server,
you don't control the server.
