As long as you didn't configure a boot loader password, you should be able to specify kernel parameters at boot. If you pass the parameter
You'll have a root shell on the machine without having to log in.
This is one of the reasons it's important to use a boot loader password.
You can also boot from a live CD and mount the hard disk that way. This is why it's important to have a BIOS password (and turn off booting from any device other than the hard drive).
Of course, if someone has physical access to the machine, they can always rip out the drive and mount it in another machine. This is why it's important to use encryption on your hard disks.
I don't do an of these, despite considering myself moderately paranoid. Ho hum.
Does anyone out there use all of these measures?