From: "MaXX"
Date: Fri, 23 Apr 2004 13:38:47 +0200
Subject: Possible security hole in FreeBSD 4.8-RELEASE????
X-BeenThere: freebsd-questions@freebsd.org

Good afternoon,

I have installed FreeBSD 4.8-RELEASE on a machine to experiment with settings before attempting to place them on my "server". Due to a problem with the port system on this machine I decided to reinstall only the port system via sysinstall. During the process, I switched to another console (ttyv3) and logged in as root; the password was not asked for...

Hopefully I was not able to connect to the machine via Telnet and so on, but I ask myself: if the root password is cleared by sysinstall, there can be more possibilities to access the machine via some other techniques. I'm some kind of newbie, but since Apache is still running there can be some "hacking techniques" to gain root rights on the machine....

Security is not a "real" concern for me because those machines are on my home network, but for people who use FreeBSD on production machines, it could be interesting to warn them about this fact and ask them to shut down most of the network-related services (like Apache) during such a process. I also know that production machines are not updated that way so often (sysadmins are not as stupid as me), but who knows when an attack will happen?

Sam

P.S.: Sorry for my bad English and thanks again. I'm very interested in FreeBSD and I'm still available for comments... Have a nice day!

Oh, I forgot:

FreeBSD 4.8-RELEASE #0: Thu Apr 3 10:53:38 GMT 2003 root@freebdsd-stable.sentex.ca:/usr/obj/usr/src/sys/GENERIC i386