home *** CD-ROM | disk | FTP | other *** search
/ NetNews Usenet Archive 1992 #18 / NN_1992_18.iso / spool / comp / unix / ultrix / 6408 < prev    next >
Encoding:
Internet Message Format  |  1992-08-21  |  2.8 KB
  1. Xref: sparky comp.unix.ultrix:6408 comp.unix.admin:4638
  2. Path: sparky!uunet!olivea!mintaka.lcs.mit.edu!chaos!splinter.coe.northeastern.edu
  3. From: zaphod@splinter.coe.northeastern.edu (Erik Lloyd Bunce)
  4. Newsgroups: comp.unix.ultrix,comp.unix.admin
  5. Subject: Decstation Ultrix single-user mode security hole.
  6. Keywords: DecStation, Ultrix, Security Hole, Help
  7. Message-ID: <ZAPHOD.92Aug22032228@splinter.coe.northeastern.edu>
  8. Date: 22 Aug 92 07:22:28 GMT
  9. Sender: usenet@chaos.DAC.Northeastern.edu
  10. Followup-To: comp.unix.ultrix
  11. Distribution: comp
  12. Organization: College of Engineering, Northeastern University
  13. Lines: 33
  14.  
  15.  
  16.     On Decstations running Ultrix 4.1-4.2a is there any way to
  17. make it so that users can't just hit ^C during the multiuser boot
  18. process to break into single-user mode?  (and thus get access as root
  19. on the machine).  Changing /etc/ttys and setting the prom password
  20. doesn't seem to prevent this easy breach of security.  Any Ideas or
  21. suggestions would be appreciated.
  22.  
  23. -------------------------------------------------------------------------------
  24. |Erik L. Bunce                                                                |
  25. |Bunce and Coveney Co.                                                        |
  26. |zaphod@meceng.coe.northeastern.edu                                           |
  27. |-----------------------------------------------------------------------------|
  28. | This is a test.                                                             |
  29. | This is only a test.                                                        |
  30. | If this were a real life,                                                   |
  31. | You would have been given instructions.                                     |
  32. | You are experiencing a pirated copy of a life,                              |
  33. | Ergo. No manual.                                                            |
  34. -------------------------------------------------------------------------------
  35. | My opinions are my employers, but not necessarily Northeastern University's.|
  36. -------------------------------------------------------------------------------
  37. --
  38. -------------------------------------------------------------------------------
  39. |Erik L. Bunce         | This is a test.                                      |
  40. |Bunce and Coveney Co. | This is only a test.                                 |
  41. |(617) 389-9068        | If this were a real life,                            |
  42. |                      | You would have been given instructions.              |
  43. |                      | You are experiencing a pirated copy of a life,       |
  44. |                      | Ergo. No manual.                                     |
  45. -------------------------------------------------------------------------------
  46. | My opinions are my employers, but not necessarily Northeastern University's.|
  47. -------------------------------------------------------------------------------
  48.