Originally posted by: Jzero
This article explains how to reset the root password in single user mode, although I hope they fixed this "exploit" in Panther.
Single user mode isn't an exploit. If someone has that kind of access to your computer you have more issues than that. Password single user mode? Take the hard drive.
Originally posted by: n0cmonkey
Single user mode isn't an exploit. If someone has that kind of access to your computer you have more issues than that. Password single user mode? Take the hard drive.
Originally posted by: drag
Boot up with the install cdrom and reset the password with the utilities provided by Apple. I don't remember what it is called exactly, probably "password reset utility" or something...
Also useful for correcting messed up permissions (a very common malady on Apple computers from the plethora of closed source software that gets installed on these types of computers that doesn't follow Apple's "rules" when it comes to installers) or to run other drive checks.
Single user mode isn't an exploit. If someone has that kind of access to your computer you have more issues than that. Password single user mode? Take the hard drive.
Definitely the best security against something like this is a reinforced locked door. If someone evil has physical access to your computer you can kiss your security goodbye.
Any computer, Linux, NT-based Windows versions, *BSD, OS X, pretty much everything except some of the big iron or unusual hardware has the ability to have the password reset in some way. And if you have that disabled or whatnot they can just take a hammer/crowbar to your computer and take the drive or entire computer if they feel like it. (It's not like you're not going to miss a reset and changed password, any more than a missing computer/hard drive.)
Originally posted by: Jzero
Originally posted by: n0cmonkey
Single user mode isn't an exploit. If someone has that kind of access to your computer you have more issues than that. Password single user mode? Take the hard drive.
Hence "exploit" in quotes, because it's not really an exploit. However, just as with other Unix/Linux OSes it is a basic and sensible idea that booting into single-user mode not just dump you into a shell with root privileges without so much as asking for a password. Not every machine can be locked away from physical access, especially user workstations.
There is no such thing as fool-proof security. You have to assume that a dedicated enough enemy will eventually break all of your security measures. You have to work under the paradigm of putting up enough roadblocks that most people will give up. We will spot a workstation with a missing hard drive much more quickly than a workstation with a compromised root password, assuming the cracker just steals data and doesn't make the machine do anything funny.
Solution: encrypted disk. I've got one. Doesn't everyone?
Originally posted by: drag
Solution: encrypted disk. I've got one. Doesn't everyone?
I don't, encrypted disks seem more trouble than they are worth, but I could see myself running encryption on maybe a partition or something like that for the sensitive stuff.
Originally posted by: n0cmonkey
Originally posted by: drag
Solution: encrypted disk. I've got one. Doesn't everyone?
I don't, encrypted disks seem more trouble than they are worth, but I could see myself running encryption on maybe a partition or something like that for the sensitive stuff.
I don't mean an entirely encrypted system. That would be kind of silly, unless there was some kind of hardware solution... And I think it's only *really* useful in laptops (unless you are worried about people taking the hard drive out of your servers). And OpenBSD's encrypted disk solution is pretty easy. I don't use it on my iBook though, I don't have anything "sensitive" on here really.
Originally posted by: drag
One thing I think would be interesting to do is instead of having an entire partition or whatnot simply have a loopback filesystem that you keep encrypted. Then if you want to get REALLY sneaky keep the loopback FS disguised as a coredump (while not mounted) in some backward directory deep in somewhere boring.