Fedora Security :: Become Root Without Root Password?
Oct 20, 2010
I found this on Bee's website. For more info on this exploit there are links there:[URl]..All you have to do in Fedora 13 is enter the following lines in a shell as normal user:
I don't think this can be considered solely an "upstream" problem, because I first tried it in Arch using the same version of glibc, and the final command causes both gnome-terminal and xterm windows to disappear.
Can't seem to do it, wondering if anyone knows how? Normally there's something in sshd_config that can be switched to true or yes to allow root login but I can't see it in fedora 12.I can login via root at a terminal no problem, just not via ssh, I get access denied every time. Also, I need to login using password authentication.I've done: 227169 but that's just for GUI which I don't really need since I rarely ever log into the GUI.I have also searched through here and mostly only found info such as above, how to enable root login for GUI, or billions of posts about how logingin as root is bad but I cannotswer to my question.DISCLAIMER: Please do not reply to this thread if all you can contribute is the question of why I need root or to put some message telling me I can do everything using su, etc, etc. Please only contribute if you can answer my question. A: My machine and a valid quesiton. B: Spirit of Linux is open, not restrictive
I have recently installed Fedora 14 on a new computer we presented as a gift to my sister-in-law. She is new to Linux. Although I've used Fedora since Core 1, I'm no expert on security issues, and this baffles me. She's doesn't know how to change the root password, so why doesn't it work any more? She discovered the problem when attempting a yum update from a terminal.(1) How could the root password have gotten changed? How likely is it that someone got onto her system through ssh, made a lucky guess on her root password, and then changed it? Are there robots that do this?
(2) The firewall is enabled. I have it set up as follows: (a) under "Trusted Services," only ssh is checked (I need to be able to get in remotely this way); (b) under "Trusted Interfaces," I have eth0 checked (I need to be able to use VNConto her desktop).Question: Are these settings giving ample protection? What settings would be recommended to protect her system while at the same time allowing me to access it through ssh and VNC?
Being able to reset the root password by booting into single usermode by editing grub. This is a MAJOR flaw. I know it makes no real difference against internet bourne attacks, but even so I must say I found it shocking. The only way I've found to stop this is to encrypt the entire HDD, so noone could get into single user mode without first knowing the encryption key/password.
Protect against root password change[Log in to get rid of this advertisement]I have recently had to force a change of the root password on a linux box I was running. It was a test system which I had not used in a while, so I forgot the root password (not so smart).Anyway, I found that it was amazingly easy to reset the root password. Here is a straight forward article on how to do it.URL...
My question is: how can you protect against this? I see this as a security hole.I understand that the user must have physical access to the computer, but if I want to lock the system down so you cannot easily enter single user mode or the root password cannot be changed.
We have a couple of clusters that are running Oracle. If you're familiar with Oracle you know that it basically has to be installed as root. Something I detest. anyway, when we are building out the box, we change the root pw and give it to the DBA team to do their installs and configs. When they are done, we change the root pw (and do not give it to them), and configure sudo to allow them the rights needed to manage Oracle and their databases.
Now however, we have a different situation. The DBAs need access to uninstall and reinstall components and make modifications on an ongoing basis. Since we only support OS and hardware, not app, they are requesting permanent root access. I promptly told them no, and the politics ensued. Their manager went to their director, who went to my director, and suddenly an exception is given for his good golfing buddy. So here I am, forced to turn lose DBAs on my clusters with full root access/pw. I need a way to allow specific users (or perhaps a specific user group) the ability to become root WITHOUT sharing the root pw with them.
Found a major security hole in one of my more crucial linux servers today. (Only locally) I can use the user name "root" and any string for the password. So I can literally type "poop" as the password and the server lets me in. I know how to set root password settings for SSH and sudo, but where are settings located for local access that would allow something like this?
Stumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.
Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.
I no longer have access to my root desktop. On a session I attempted to change the root username but i apparently assigned it a wrong directory that does not exist. When I rebooted with my new root username, i was instead recognised as a simple user (no root privileges). I tried the console to change to "old" root but root password is not accepted and there is no way to access to sudoer files. it seems that inserting a new username requires root privileges and i am back to square one. Simply logging with old root username and password after restart gives me a blank screen with nothing on it and cannot even reboot.
I was trying to edit a file requiring root permissions, so I used sudo. I typed the root password and it failed. This happened three times, and the process was ended. I then logged in as root (su) and was able to navigate to the file and make changes as root. Am I missing something? How would I edit the sudoers file such that this password would work? Or is there another way to log in to the sudo group to make these changes? How do I set sudo passwords?
I've been using Ubuntu for like a year now. Whenever I want root privileges I just type sudo and enter my User password. I wanna know if there's a way to change this, in a way that My User password is: "ABC" and the password needed to have root privileges is: "ABC123". I have no problem using the terminal, I actually prefer it to any GUI, it just seems easier to me.
To comply with standards I need to change the root pw every so often. However, I really don't have a need to know the root password; as the only thing using root, is for ssh authenticating via ssh keys. What I want to do is automate the root password change monthly via a cron job, to a random value. Is there a way to do this without knowing the previous password?
I edited fstab to automatically mount my windows data partition on boot, but I screwed it up by not specifying the file system type, however that is not the problem, I was able to fix that easily. The problem was that when it failed to mount the partition, Debian automatically entered root and I guess that is to be expected in order for me to fix it, but I never configured a root password and it just gave me full root access without asking any password, not even my user password. I though that was strange so I set the root password and sure thing it asked me for the root password this time without automatically logging into root....
I then tried to lock the root account to see if it will ask me for a password or not, it did but of course I wasn't able to login as root because it was locked now and I was left with no way to access the system. I had to fix fstab from a live cd so that I can login normally as the user....
I didn't know what to search for or if that is the expected behavior if you don't set root password during installation, but it just seemed a bit strange to automatically enter root when you specifically disable root login during installation...
A friend of mine has told me to set a root password and use root (f.e. switching to su in terminal and work with root rights instead).Is there any way to unset the root password? I know how to use sudo now.
I try to install my printer again after reinstall ubuntu 9.04. ("downgraded from 9.10"). Instead of asking for the local-user-login password, as it does for other system changes, it asks for a root password that I never had. What happened? How can I set this right?I made a printscreen.
I have ubuntu 11.04 installed along side windows. And I often share files with windows computers. If I am installing a new package from ubuntu software center, and consquently I have to log in as root to do so, which means I have given the system 'privileges' as the program is being installed, I decide to go open mozilla, and surf suspicious sites on the net. Is it possible in that case for me to get a virus?
When we enter the password for the root user in order to run one program such as ubuntu software center, does that mean that all programs have root privileges for the time being (as the software center is installing the program)?
want to run VirtualBox with root permissions. Trouble is that only when run as root i can access attached USB devices inside of a virtual machine, otherwise, these a greyed out).Now running VirtualBox as a root user also changes the configuration folders, making all my virtual machines already defined disappear. I also don't want to copy all to the root configuration folders. Is there a way to give the VirtualBox root permissions but without actually running the application as a root user. Is it possible to do without changing the permissions of the non-root user, i.e. i don't want my user to have all root permissions, due to security considerations.
I run ProFTPd with TLS authentication on my Debian Lenny server. My problem is that despite of the fact that my users connect chrooted, one of my friends had root privileges after logging in form a Macintosh and could browse the root directory, too.
I am trying to log into a server with a particular account. Let's say I don't know the password for that account. Can I do this using ssh? I am wondering if it is possible to do it in one command, instead of logging in as root and running su.
When I go to single user mode for resetting root password, It ask root pawssword for login.The message displayed on prompt is "Give root password for login.On the boot prompt, I select kernel and press 'e' and after one space type 1 for single User mode and then press 'b' for booting.It shows message entering in single user mode but ask root password. Even I tried into rescue mode, but I couldn't ser root password.In rescue mode on prompt, It shows rescue login: I typed root, But when typed 'passwd' foe resetting root pawssword,It shows message unknown user and not authetication.
I got during my last year of high school, and I recently installed Fedora 11. During the installation, I misunderstood one of the questions, and set my root password as what I wanted my account password. I want to go in and change it, because it's pretty easy to figure out and has me feeling really vulnerable, but it won't let me. I went to System-Administration-Root Password, entered my password, and put in a new one, but it won't let me click Change Root Password. The button is faded out and unclickable. I've tried several different passwords, and triple-checked each to make sure I typed it in correctly, but it won't work.