> From: Jason Thorpe
>
> > "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu> wrote:
>
> > Sorry, i wasn't explicit enough; i meant that the original bug (as
> > reported in the advisory) does not require physical access to the
> > machine to exploit. There's no bug that involves the DDB and security
> > levels that i know of, which can be exploited remotely.
>
>Ah, *phew* ... had me worried there, for a minute... :-)

actually...i don't think we get off that easily.  one of the labs i
used to work in had these ugly gateway 2000 486/33 machines with these
big funky keyboards (i hated 'em; not tactile enough) with not four
but eight arrow keys and other "fun" features like programmability.
you could basically have the thing record keystrokes.  i once saw one
of the admins log in, poke around a bit, crash the machine, and reboot
it.  when it came back up, the keyboard logged him in.

assuming you could hack root on one of these machines, i imagine it
would be rather easy to tell/program the keyboard what to type to set
the securelevel back to 0...

-- 
|-----< "CODE WARRIOR" >-----|
andrew@echonyc.com (TheMan)        * "ah!  i see you have the internet
codewarrior@daemon.org                               that goes *ping*!"
warfare@graffiti.com      * "information is power -- share the wealth."