Skip to Content

When I got home today (late…) the kids were screaming and my wife was waiting in the door. Nothing unusual until I heard my son wailing that he wanted to play in his room. Normally this is something she would encourage but she scolded him that he couldn’t. He had locked his door on the inside and closed it, locking himself and everyone else out. I asked her where our ice pick was.

To open the door… c’mon.

I figured the lock was similar to those on most bathrooms where the latch is on the inside but there is a hole on the outside you can easily trigger the latch through. Unfortunately it actually required a key that our landlord had not provided. Not having this particular expertise and it being close to bedtime I went to get a stepladder to attempt the window. Fortunately it has been hot and the window was open. There was a screen to contend with and it had a bend in the frame. Obviously this had happened before and this was the natural alternate path.

This reminded me of what happened when I locked the Administrator account on my NetWeaver J2EE server a few weeks ago. Rescue account? What rescue account? This was my local installation, I just use the defaults. I mistyped the password three time when I activated the UME and well… three is the magic default number to lock a user. Backdoor? For this?

No.

I had to reinstall the system. Physical access to a machine does not mean you are authorized to use a system on it. Just like the bend in the screen, any back door is a potential path for abuse.

Yes the first thing I did after the reinstall was create a rescue account. I don’t care how seemingly temporary or inconsequential the system is, I won’t make this mistake again.

And my son’s room? I reversed the handle before he went to bed so the side requiring the key is on the inside now. His mother couldn’t be happier with this solution.

To report this post you need to login first.

3 Comments

You must be Logged on to comment or reply to a post.

  1. Lutz Morrien
    Following the above comparison would have meant that instead of going into your sons bedroom via the window, you would have had to “reinstall” the house. Rebuilding a house for a locked door seems like an odd idea. Funny, that in the computer world a reinstall seems quite normal.

    Nice story.

    Lutz Morrien

    (0) 
    1. Anonymous
      I agree with you its an unacceptable solution to reinstall (or tear down a house) to solve this sort of problem. I would note however that with a production system and maintenance contract this would be almost impossible to get locked out of a system this way. Even in sandboxes I think it would be unheard of for our systems for something like this to happen as they are managed by people far to professional to let something like this happen. i think things like this (at least with our software) are far more likely when installed on a local system by a developer who doesn’t care to be an administrator. Ever locked yourself out of a linux box on a dual partition system because you hadn’t logged into it for a month? That should have taught me, granted that was on RedHat 4 or 5 so it was a while ago.

      I’m glad you enjoyed the story though, the main reason I posted it was because, well, it’s just funny.

      (0) 

Leave a Reply