"Hossein S. Zadeh" wrote:
>
> If your untrusted users have physical access
> to the server, so they can reboot the machine and go to single user mode,
> you've got much more to worry about than just changed root password.
>
I plan to install a simple ham radio bbs in the local school. The system
should be based on Linux. To avoid installing client computers in the
same room, users should be allowed to log on locally and 'telnet' to the
internal bbs. Kids are curious and they can easily reboot the machine
(just with pull the cord) and entyer single mode. For the sake of system
reboots by itself (in case of power outage) it should activate the bbs
automaticaly, without admin's response. So, boot password should not be
implemented or something like that.
Now, I just wonder if they could get root's privileges by any way (of
course without opening the box in order to erase RAM etc etc)? Is there
a way to disable 'single' mode option? Is there a way to use any
'rootkit' tool from ordinary user's account in order to get root's
password? From my previous experience with the kids, they are likely to
use software rather than hardware solutions to beat the system :-)
Misko
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
