Big fun with Sys V Drivers
rjd at occrsh.ATT.COM
rjd at occrsh.ATT.COM
Sat Apr 23 00:05:00 AEST 1988
::In article <5500019 at snail>, carroll at snail.CS.UIUC.EDU writes:
::$
::$ We manage about 30 3b2's here, and having a bootable UNIX floppy
::$ is a *big* win. I strongly recommend building one if you are going to
::$ be doing maintainence. You have to be a little careful, though, since the
::$ existence of these disks implies that there is no security for any
::$ publicly accessible 3b2 (i.e., anyone with such a disk can become
::$ root on a system, mount the disk, and have fun).
::
::That's what the firmware password is to protect against.
::
::|------------Dan Levy------------| Path: ihnp4,<most AT&T machines>!ttrdc!levy
Not good enough. If you can physically touch the machine enough to put
the boot floppy into it, you can also take a screwdriver, pop the top off,
unplug the battery for about 20 seconds to reset the NVRAM, re-boot it and
let it assume default values, one of which is the firmware password of "mcp".
(Nobody flame me for this as if I am divulging secret information - to many
people it is common knowledge. In fact it was discussed here more than once.
Not knowing a potential security hole is always worse than being aware of it.)
Randy
More information about the Comp.unix.wizards
mailing list