Kwan Lowe wrote:
> On Wed, Feb 2, 2011 at 9:44 AM, James Bensley <jwbensley@xxxxxxxxx> wrote:
>> So on a virtual server the root password was no longer working (as in
>> I couldn't ssh in anymore). Only I and one other know it and neither
>> of us have changed it. No other account had the correct privileges to
<snip>
> Anyhoo, coincidentally I was thinking of ways to change a root
> password on a 24/7 system. Some of the things I tested was to
> overwrite some of the cron scripts that I had access to, create a suid
> binary on a trusted and mounted fs (i.e., no root squash, noexec not
> enabled), exec a shell from with a sudo command that had shell out
> capability, etc..
<snip>
Well, if you could get on the system at all, and had sudo privileges, no
problem.
mark
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
