You can do that with most any UNIX type of server/OS... If you want to prevent that, you set BIOS passwords to prevent someone from accessing the BIOS, then set your boot device to be the hard disk ONLY! Of course you would have been screwed in your situation, had you done this. Choose the lesser of two evils. - Herman On Mon, 26 Feb 2001, Sascha Kloss wrote: ->>Hello ->> ->>I recently bought 7.1 pro and forgot my root password. It was terrible. ->>Anyway, after a bit thinkin' I took out the CD 2 and started the 'rescue ->>system'. With that I had FULL ACCESS on MY HDDs!! Even /etc/pwd... . I ->>created a new user with no password and root privileges. With that I ->>edited the root pwd and ... ->> ->>ping-- ->> There is my new root pwd. ->> ->>Isn't this a security hole. Let's say Microsoft's WEB-Server's runnin' ->>Linux and I would have 10 Minutes physical access and my CD 2 with me. ->>Then I could change the ROOT pwd. ->> ->>Sascha