Kwan Lowe wrote: > On Wed, Feb 2, 2011 at 9:44 AM, James Bensley <jwbensley at gmail.com> wrote: >> So on a virtual server the root password was no longer working (as in >> I couldn't ssh in anymore). Only I and one other know it and neither >> of us have changed it. No other account had the correct privileges to <snip> > Anyhoo, coincidentally I was thinking of ways to change a root > password on a 24/7 system. Some of the things I tested was to > overwrite some of the cron scripts that I had access to, create a suid > binary on a trusted and mounted fs (i.e., no root squash, noexec not > enabled), exec a shell from with a sudo command that had shell out > capability, etc.. <snip> Well, if you could get on the system at all, and had sudo privileges, no problem. mark