Date: Tue, 3 Apr 2001 14:30:12 -0500 (CDT) From: James Wyatt <jwyatt@rwsystems.net> To: freebsd-security@freebsd.org Cc: freebsd-stable@FreeBSD.ORG Subject: Re: su change? Message-ID: <Pine.BSF.4.10.10104031422550.4963-100000@bsdie.rwsystems.net> In-Reply-To: <20010403140935.F9618@pir.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 3 Apr 2001, Peter Radcliffe wrote: > Matthew Emmerton <matt@gsicomp.on.ca> probably said: > > Just consider your friend lucky - doing similar things to the root account > > on any enterprise UNIX (UnixWare, Solaris, AIX) could require a complete > > reinstall - especially if it's running C2-level security. > > False. > > Solaris, certainly, would just require booting from cdrom, mounting / > and editing the password file. Why is booting from CDROM a better fix than booting single-user from the hard disk? The original poster wanted to avaoid a reboot *at all*. Solaris, AIX, and even FreeBSD can be booted from a CDROM nowadays, but I've recovered a SCO system that had a security-fault in it's trustware. Reinsall was the advised procedure, but there were enough security-db tools to recover the root account. On the high-security systems I've seen, a skilled tech can usually recover the system to allow operation, but the machine should be considered tainted and reinstalled ASAP if you ever want support from the vendor or peace from your auditors. - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10104031422550.4963-100000>