Ubuntu Security :: Is The Root Password In 11.04 For A Single Program Or For All Programs
Sep 1, 2011
I have ubuntu 11.04 installed along side windows. And I often share files with windows computers. If I am installing a new package from ubuntu software center, and consquently I have to log in as root to do so, which means I have given the system 'privileges' as the program is being installed, I decide to go open mozilla, and surf suspicious sites on the net. Is it possible in that case for me to get a virus?
When we enter the password for the root user in order to run one program such as ubuntu software center, does that mean that all programs have root privileges for the time being (as the software center is installing the program)?
View 3 Replies
ADVERTISEMENT
Apr 3, 2010
Is there a program that allows me to password lock a single file or folder?
View 5 Replies
View Related
Jul 14, 2009
When I go to single user mode for resetting root password, It ask root pawssword for login.The message displayed on prompt is "Give root password for login.On the boot prompt, I select kernel and press 'e' and after one space type 1 for single User mode and then press 'b' for booting.It shows message entering in single user mode but ask root password. Even I tried into rescue mode, but I couldn't ser root password.In rescue mode on prompt, It shows rescue login: I typed root, But when typed 'passwd' foe resetting root pawssword,It shows message unknown user and not authetication.
View 1 Replies
View Related
Apr 17, 2009
Being able to reset the root password by booting into single usermode by editing grub. This is a MAJOR flaw. I know it makes no real difference against internet bourne attacks, but even so I must say I found it shocking. The only way I've found to stop this is to encrypt the entire HDD, so noone could get into single user mode without first knowing the encryption key/password.
View 14 Replies
View Related
May 8, 2011
in ubuntu 10.04 how to get into single user mode with out entering the root user password
View 1 Replies
View Related
Oct 20, 2009
Can someone assist me with recovering/resetting the password for Root via Single User Mode in CentOS v5? I've modified the kernel line using Single, S, and 1 but it appears that these commands are being totally ignored as the server continues with the boot process and displays the GUI logon screen. The server in question is a VM box running on ESX v3.5 U4. The person that created this VM is no longer employed here and I've exhausted everything I know regarding Single User Mode.
View 12 Replies
View Related
Jul 13, 2011
I followed instructions to enter single user mode by adding single at the end of kernel line but after that it doesn't ask for root password but brings up the sh# prompt. Isn't that supposed to be insecure? I understand for this the grub password can be applied but even after adding "single" it should ask for root password..or it should not..??
View 3 Replies
View Related
Feb 26, 2010
Is it possible to restrict root logons to the SSH server to just a single ip address (or maybe a range?) I have other users connecting to the server daily so restricting ALL access to a single ip i cannot do. I need root enabled (for my own reasons) but want to lock it down a bit more.
View 9 Replies
View Related
Oct 20, 2010
I found this on Bee's website. For more info on this exploit there are links there:[URl]..All you have to do in Fedora 13 is enter the following lines in a shell as normal user:
[Code]...
I don't think this can be considered solely an "upstream" problem, because I first tried it in Arch using the same version of glibc, and the final command causes both gnome-terminal and xterm windows to disappear.
View 14 Replies
View Related
Jul 4, 2010
The normal user is now in the sudoers group. How can i allow it to install programs using it's own password rather than having to know the super-secret Root-Users password?
View 5 Replies
View Related
Apr 12, 2011
I have a couple of encrypted external hard drives that I have to mount with realcrypt.The thing is, to start realcrypt I always need to put in my root password, which is kind of a drag.I have combed the internet for information and the most sensible solutions always pointed to do a visudo edit.There were a few things I tried, but none of them seem to work.This is the last iteration - I put in all realcrypt files i could find, which I suppose shouldn't be necessary but desperate times call for desperate measures, right?
View 4 Replies
View Related
Jan 20, 2011
Protect against root password change[Log in to get rid of this advertisement]I have recently had to force a change of the root password on a linux box I was running. It was a test system which I had not used in a while, so I forgot the root password (not so smart).Anyway, I found that it was amazingly easy to reset the root password. Here is a straight forward article on how to do it.URL...
My question is: how can you protect against this? I see this as a security hole.I understand that the user must have physical access to the computer, but if I want to lock the system down so you cannot easily enter single user mode or the root password cannot be changed.
View 1 Replies
View Related
Jan 26, 2011
We have a couple of clusters that are running Oracle. If you're familiar with Oracle you know that it basically has to be installed as root. Something I detest. anyway, when we are building out the box, we change the root pw and give it to the DBA team to do their installs and configs. When they are done, we change the root pw (and do not give it to them), and configure sudo to allow them the rights needed to manage Oracle and their databases.
Now however, we have a different situation. The DBAs need access to uninstall and reinstall components and make modifications on an ongoing basis. Since we only support OS and hardware, not app, they are requesting permanent root access. I promptly told them no, and the politics ensued. Their manager went to their director, who went to my director, and suddenly an exception is given for his good golfing buddy. So here I am, forced to turn lose DBAs on my clusters with full root access/pw. I need a way to allow specific users (or perhaps a specific user group) the ability to become root WITHOUT sharing the root pw with them.
View 3 Replies
View Related
Jul 10, 2011
I've been using Ubuntu for like a year now. Whenever I want root privileges I just type sudo and enter my User password. I wanna know if there's a way to change this, in a way that My User password is: "ABC" and the password needed to have root privileges is: "ABC123". I have no problem using the terminal, I actually prefer it to any GUI, it just seems easier to me.
View 3 Replies
View Related
Jul 8, 2010
I installed IPlist earlier today on my main/admin account (which I only use for installing programs. I don't use this account daily.) and everything was fine. When I logged into my every day account and tried to load the program, it prompted me for my password. When I entered it, I got this message:Quote:Failed to run /usr/sbin/ipblock start_gui as user root.The underlying authorization mechanism (sudo)t allow you to run this program. Contact the system administrator.Does this mean I am not able to use this program on this account, or is there a way around it? I'm new to Ubuntu so forgive me if I'm asking the obvious. I looked around and couldn't find an answer. I really don't want to use my admin account for daily activities, but I also really want to be able to use IPlist
View 2 Replies
View Related
Sep 21, 2009
what does one do when he forgets the root password ? i still have a terminal logged in as root how can i change the password in terminall
View 2 Replies
View Related
Nov 14, 2009
I have been experiencing harassment with my websites being hacked so pardon me if this is an over-paranoid question.
Just recently started on FC11 after having abandoned Fedora for CentOS for a few months. So glad to be back, but...
I have been getting notices about security updates. When I click for the update, I am not asked for the root password and the update occurs.
View 12 Replies
View Related
Jan 20, 2010
Found a major security hole in one of my more crucial linux servers today. (Only locally) I can use the user name "root" and any string for the password. So I can literally type "poop" as the password and the server lets me in. I know how to set root password settings for SSH and sudo, but where are settings located for local access that would allow something like this?
View 14 Replies
View Related
Feb 19, 2010
Stumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.
Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.
View 3 Replies
View Related
Jan 23, 2010
I try to install my printer again after reinstall ubuntu 9.04. ("downgraded from 9.10"). Instead of asking for the local-user-login password, as it does for other system changes, it asks for a root password that I never had. What happened? How can I set this right?I made a printscreen.
View 3 Replies
View Related
Jan 12, 2009
It seem like unix abit annoying every time you log in you need to password can I disable it
View 10 Replies
View Related
Jan 27, 2010
Can't seem to do it, wondering if anyone knows how? Normally there's something in sshd_config that can be switched to true or yes to allow root login but I can't see it in fedora 12.I can login via root at a terminal no problem, just not via ssh, I get access denied every time. Also, I need to login using password authentication.I've done: 227169 but that's just for GUI which I don't really need since I rarely ever log into the GUI.I have also searched through here and mostly only found info such as above, how to enable root login for GUI, or billions of posts about how logingin as root is bad but I cannotswer to my question.DISCLAIMER: Please do not reply to this thread if all you can contribute is the question of why I need root or to put some message telling me I can do everything using su, etc, etc. Please only contribute if you can answer my question. A: My machine and a valid quesiton. B: Spirit of Linux is open, not restrictive
View 3 Replies
View Related
Jun 1, 2010
To comply with standards I need to change the root pw every so often. However, I really don't have a need to know the root password; as the only thing using root, is for ssh authenticating via ssh keys. What I want to do is automate the root password change monthly via a cron job, to a random value. Is there a way to do this without knowing the previous password?
View 14 Replies
View Related
Apr 9, 2011
I have recently installed Fedora 14 on a new computer we presented as a gift to my sister-in-law. She is new to Linux. Although I've used Fedora since Core 1, I'm no expert on security issues, and this baffles me. She's doesn't know how to change the root password, so why doesn't it work any more? She discovered the problem when attempting a yum update from a terminal.(1) How could the root password have gotten changed? How likely is it that someone got onto her system through ssh, made a lucky guess on her root password, and then changed it? Are there robots that do this?
(2) The firewall is enabled. I have it set up as follows: (a) under "Trusted Services," only ssh is checked (I need to be able to get in remotely this way); (b) under "Trusted Interfaces," I have eth0 checked (I need to be able to use VNConto her desktop).Question: Are these settings giving ample protection? What settings would be recommended to protect her system while at the same time allowing me to access it through ssh and VNC?
View 8 Replies
View Related
Aug 10, 2010
I have a problem with sshd daemon on a target linux system:The system has only one user (root) without password.The sshd_config looks like:
Code:
Port 22
Protocol 2
[code]...
View 8 Replies
View Related
Dec 18, 2010
I have tried to not allow root access and have created a wheel user.
Now I can not logged in as root.
Its okay but when am logging as wheel user and trying to access root then it says:
Code:
View 14 Replies
View Related
Jun 25, 2010
When I installed the OS, I wasn't prompted to set the root password. Is this a bug, or did my install hose up?
View 4 Replies
View Related
Jun 9, 2011
how to login as a root in the terminal .
it is saying : su - incorrect password.
I have change the #chmod 755/bin/su
Now i cant login as a root from command line , though root password works from GNOME
View 1 Replies
View Related
Jun 22, 2010
I have a server hacked when i try to log in i type root but won't let me type a passwdthere are no services up, can't see page mail nothing
View 11 Replies
View Related
Mar 3, 2010
I m Trying to get vsftpd usergroups to work i accidentally moved a file called passwd from /etc/vsftpd/ to /etc/, resulting in my root access is destroyed! how to restore the passwd file so i can keep working, or do i have to re-install the entire box?
View 4 Replies
View Related
