Home page logo

bugtraq logo Bugtraq mailing list archives

Re: password backdoors (on Apollo)
From: szabo_p () maths su oz au (Paul Szabo)
Date: Fri, 12 May 95 07:31:23 +1000

Dan Thorson <Dan_Thorson () notes seagate com> wrote:
Sure, shut the machine, REset, then (and I can't remember the exact sequence) 
you should be able to modify the /etc/passwd file, re-start the OS, root has 
the password (or lack thereof) you set up in the previous step.
Just another example of physical security being important.

Good try... except that Apollos do not use /etc/passwd files. (They use the
registry daemon rgyd, the /etc/passwd file being a read-only object provided
for compatibility with brain-dead UNIX utilities only.) Besides, if you had
set sensible permissions on your file system, then you should not be able to
modify anything (let alone /etc/passwd) from Apollo's "PhaseII Shell" (the
single-user mode) where you run as user.none.none.

Paul Szabo - System Manager   //        School of Mathematics and Statistics
szabo_p () maths su oz au        //   University of Sydney, NSW 2006, Australia

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]