Blank password works for root

Frank Turscak ftokcfed at sbcglobal.net
Fri Jan 9 05:23:09 UTC 2004


Bill Beeman wrote:

>"Bevan C. Bennett" <bevan at fulcrummicro.com> wrote in message
>news:3FFE03D5.5030505 at fulcrummicro.com...
>  
>
>>Bill Beeman wrote:
>>    
>>
>>>I just discovered that I can log into my FC1 box as root with either the
>>>root password, or by simply leaving the password blank!
>>>
>>>Functions this way from a command line, or in a terminal within either
>>>KDE or Gnome.
>>>      
>>>
>>What exactly are you doing to 'log in'?
>>Is this with 'su' from an existing command line, from the system
>>console, or with a remote access program like ssh, telnet or rlogin?
>>
>>If possible, see if the behavior is consistent between using su after
>>logging in as a non-root user, logging in on console, or connecting with
>>ssh?
>>
>>The first place I'd look in this case is in /etc/pam.d/
>>See if there are any files named *.rpmnew and if so check out the
>>differences between them and the originals. Look especially to see if
>>anything has pam_rootok.so listed, and where.
>>    
>>
>
>This is consistent, whether from console, existing command line, or ssh
>from elsewhere, and works whether logging in as root, or by su from
>another user.  In essence, no root security.
>
>I've run chkrootkit-0.43, which comes up clean.
>
>However, comparing /etc/pam.d/system-auth with system-auth.rpmnew, I noticed
>the line
>
>auth       sufficient     /lib/security/$ISA/pam_unix.so   likeauth nullok
>
>in both. removing "likeauth nullok" seems to solve the problem, but leaves
>the question of how it got that way.  System-auth notes that it will be
>regenerated and user changes discarded when authconfig is run.  I'll play
>with that a bit, but don't recall running that before. Anyone have any ideas
>what may have generated this?
>
>Bill

Run "man sudoers".  Seems to me something in the file "/etc/sudoers" might have gone awry.

Frank
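
An added example, not part of the thread: pam_unix accepts an empty password only on an auth line that carries nullok, and only for an account whose password field in /etc/shadow is empty, so an audit has to check both files. The function names and the sample file contents below are constructed for illustration.

```python
import re

# Constructed sample inputs (not taken from any real system).
SAMPLE_PAM = """\
#%PAM-1.0
auth       required      /lib/security/$ISA/pam_env.so
auth       sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth       required      /lib/security/$ISA/pam_deny.so
password   sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
# auth sufficient pam_unix.so nullok   (commented out, ignored)
"""
SAMPLE_SHADOW = """\
root::12400:0:99999:7:::
bill:$1$constructed$notarealhashvalue000000:12400:0:99999:7:::
daemon:*:12400:0:99999:7:::
locked:!!:12400:0:99999:7:::
"""

# type, control (plain word or [bracketed list]), module path, arguments
PAM_LINE = re.compile(r"^(\S+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def nullok_lines(pam_text):
    """Return (line number, type) for each active pam_unix line with nullok."""
    hits = []
    for n, raw in enumerate(pam_text.splitlines(), 1):
        m = PAM_LINE.match(raw.split("#", 1)[0].strip())
        if not m:
            continue  # blank line, comment, or not a module line
        ptype, _control, module, args = m.groups()
        if module.rsplit("/", 1)[-1] == "pam_unix.so" and "nullok" in args.split():
            hits.append((n, ptype.lstrip("-")))
    return hits

def empty_password_accounts(shadow_text):
    """Return accounts whose shadow password field is the empty string."""
    names = []
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2 and fields[1] == "":  # "*" and "!!" mean locked, not empty
            names.append(fields[0])
    return names

def blank_login_exposure(pam_text, shadow_text):
    """Accounts that can authenticate with a blank password under this config."""
    if not any(ptype == "auth" for _, ptype in nullok_lines(pam_text)):
        return []  # nullok on a password line alone does not allow blank logins
    return sorted(empty_password_accounts(shadow_text))

if __name__ == "__main__":
    print("nullok on:", nullok_lines(SAMPLE_PAM))
    print("blank-password logins possible for:", blank_login_exposure(SAMPLE_PAM, SAMPLE_SHADOW))
```

To audit a real host, pass the contents of /etc/pam.d/system-auth and /etc/shadow (readable by root only) in place of the samples.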