You Can Break Into a Linux System by Pressing Backspace 28 Times. Here’s How to Fix It - Linux版 - 未名存档

本页内容为未名空间相应帖子的节选和存档，一周内的贴子最多显示50字，超过一周显示500字访问原贴

Linux版 - You Can Break Into a Linux System by Pressing Backspace 28 Times. Here’s How to Fix It

相关主题
● 靠，装了一把 Kubuntu 9.10 alpha3，无线网歇了	● 再问一个grub2的问题
● 昨天电脑的grub坏了，已经修复	● 老汉也来装 11。4
● 更新了下ubuntu，然后grub挂了。。。。	● grub 2 so stupid
● ubuntu怎么显示启动菜单和启动过程	● OSX比linux，用起来有什么不爽？
● grub2按什么建能显示菜单	● Mac 升级带 grub2 的系统要小心
● Fedora15安装：出现死桌面，自动把linux设置成default boot	● ubuntu server 11.10 在uefi的系统上boot不了
● 请教：装了两个linux系统，可是启动选项里只有一个	● Fedeora 16 dual boot (grub2)
● 问一个grub2的问题	● 求助：关于Dual Boot Win7 & Ubuntu的问题

相关话题的讨论汇总
话题: linux话题: fix话题: backspace话题: times话题: system

进入Linux版参与讨论

1

(共1页)

d*2 发帖数: 2053	1 http://lifehacker.com/you-can-break-into-a-linux-system-by-pres Patrick Allan Yesterday 1:30pmFiled to: SECURITY Hitting a key over and over again actually works for once. Two security researchers in Spain recently uncovered a strange bug that will let you into most Linux machines just by hitting the backspace key 28 times. Here’s how to fix it and keep your data protected. The researchers, Hector Marco and Ismael Ripoll from the Cybersecurity Group at Polytechnic University of Valencia, found that it’s possible to bypass all security of a locked-down Linux machine by exploiting a bug in the Grub2 bootloader. Essentially, hitting backspace 28 times when the machine asks for your username accesses the “Grub rescue shell,” and once there, you can access the computer’s data or install malware. Fortunately, Marco and Ripoll have made an emergency patch to fix the Grub2 vulnerability. Ubuntu, Red Hat, and Debian have all issued patches to fix it as well. Linux is often thought of as a super secure operating system, but this is a good reminder to take physical security just as seriously as network security (if not more). Take extra care when your machine is around people you don’t know, especially if your system has sensitive data on it.
a******1 发帖数: 1031	2 grub里好像可以直接创造新root account 只要hacker可以物理接触到linux机器，机器就可以被破解
a9 发帖数: 21638	3 这是前几前本版某版友儿子报告的那个bug吗？ into how Group bypass Grub2 【在 d*2 的大作中提到】 : http://lifehacker.com/you-can-break-into-a-linux-system-by-pres : Patrick Allan : Yesterday 1:30pmFiled to: SECURITY : Hitting a key over and over again actually works for once. Two security : researchers in Spain recently uncovered a strange bug that will let you into : most Linux machines just by hitting the backspace key 28 times. Here’s how : to fix it and keep your data protected. : The researchers, Hector Marco and Ismael Ripoll from the Cybersecurity Group : at Polytechnic University of Valencia, found that it’s possible to bypass : all security of a locked-down Linux machine by exploiting a bug in the Grub2

1

(共1页)

进入Linux版参与讨论

相关主题
● 求助：关于Dual Boot Win7 & Ubuntu的问题	● grub2按什么建能显示菜单
● 我来唱个反调 Fedora 17	● Fedora15安装：出现死桌面，自动把linux设置成default boot
● Grub2 比 Grub1 牛在哪里啊	● 请教：装了两个linux系统，可是启动选项里只有一个
● grub2 and arch	● 问一个grub2的问题
● 靠，装了一把 Kubuntu 9.10 alpha3，无线网歇了	● 再问一个grub2的问题
● 昨天电脑的grub坏了，已经修复	● 老汉也来装 11。4
● 更新了下ubuntu，然后grub挂了。。。。	● grub 2 so stupid
● ubuntu怎么显示启动菜单和启动过程	● OSX比linux，用起来有什么不爽？

相关话题的讨论汇总
话题: linux话题: fix话题: backspace话题: times话题: system

未名新帖统计// 7月16日

#	版面	帖数(主题数)
-	全站	4871 (796)
1	Military	3777 (569)
2	Stock	341 (51)
3	Joke	117 (17)
4	History	116 (3)
5	Automobile	100 (9)
6	USANews	55 (9)
7	Midlife	45 (1)
8	Headline	41 (41)
9	Dreamer	33 (13)
10	FleaMarket	32 (20)
11	Living	30 (7)

* 这里只显示发帖超过25的版面，努力灌水吧:-)