When I got home today (late…) the kids were screaming and my wife was waiting in the door. Nothing unusual until I heard my son wailing that he wanted to play in his room. Normally this is something she would encourage but she scolded him that he couldn’t. He had locked his door on the inside and closed it, locking himself and everyone else out. I asked her where our ice pick was.
To open the door… c’mon.
I figured the lock was similar to those on most bathrooms where the latch is on the inside but there is a hole on the outside you can easily trigger the latch through. Unfortunately it actually required a key that our landlord had not provided. Not having this particular expertise and it being close to bedtime I went to get a stepladder to attempt the window. Fortunately it has been hot and the window was open. There was a screen to contend with and it had a bend in the frame. Obviously this had happened before and this was the natural alternate path.
This reminded me of what happened when I locked the Administrator account on my NetWeaver J2EE server a few weeks ago. Rescue account? What rescue account? This was my local installation, I just use the defaults. I mistyped the password three time when I activated the UME and well… three is the magic default number to lock a user. Backdoor? For this?
I had to reinstall the system. Physical access to a machine does not mean you are authorized to use a system on it. Just like the bend in the screen, any back door is a potential path for abuse.
Yes the first thing I did after the reinstall was create a rescue account. I don’t care how seemingly temporary or inconsequential the system is, I won’t make this mistake again.
And my son’s room? I reversed the handle before he went to bed so the side requiring the key is on the inside now. His mother couldn’t be happier with this solution.