Rooting a local box

Nicholas Leippe nick at leippe.com
Thu Apr 26 12:31:23 MDT 2007


On Thursday 26 April 2007, Stuart Jansen wrote:
> On Thu, 2007-04-26 at 12:03 -0600, Nicholas Leippe wrote:
> > On some distros, even single user asks for the root password. You can get
> > past that by passing init=/bin/sh to the kernel. If you have /bin/bb,
> > even better. Where to go from there is left as an exercise for the
> > reader.
>
> Using init=/bin/sh on modern systems with udev, etc. is not for the
> faint of heart.

Which is why I left it as an exercise for the reader. ;)

> If your distro requires the root password to enter 
> single user mode, it'd probably be easier to just boot from a rescue
> disk. SUSE is an example of an annoying[1] distro that requires the root
> password for single user mode, but in compensation the SUSE rescue disk
> is kinda snazzy.

Likewise for Gentoo, on both accounts.

> [1] If you have enough access to reboot into single user mode, you've
> got enough access to boot from alternative media or pull the drives.
> Requiring the root password doesn't do much to improve security.

Yep. When there's physical access to the box, all bets on security are off.






More information about the PLUG mailing list