Andrew McRory
1999-May-08 20:46 UTC
OpenLinux 2.2: LISA install leaves root access without password
Hello, I believe I''ve found a bug in the installation process of OpenLinux 2.2 when using the LISA boot disk. During the installation a temporary passwd file is put on the new file system containing the user "help" set uid=0 gid=0 and no password. Once you are prompted to set the root password and default user password a new passwd and shadow file is created yet the help user is left in the shadow file with, you guessed it, no password... Here are the offending entries: /etc/passwd help:x:0:0:install help user:/:/bin/bash /etc/shadow help::10709:0:365:7:7:: Anyone who installed OpenLinux 2.2 using the LISA boot disk should check their password file now ;-) I found this using a cdrom I made from a mirror of the mirror at ftp.tux.org. Just to make sure I wasn''t mixed up I redownloaded the install.144 file from ftp.calderasystems.com and tried again. Same thing. The install disk is version 137 dated 26Mar99 (displayed on the boot message). I wrote Caldera a message late in the day Friday regarding this bug but haven''t heard back from anyone. I''ve tried to resist posting this until I hear back but I really feel people should know now!! PS: I''m not sure if Lizard, the graphical installation method, has this problem. It crashes before it does much here.... that''s why I tried LISA. Thanks, Andrew McRory - amacc@linuxsys.com *********************************** Linux Systems Engineers / The PC Doctors * 3009-C West Tharpe Street - Tallahassee, FL 32303 * Voice 850.575.7213 ***************************************************
Ralf Flaxa
1999-May-09 06:15 UTC
[linux-security] Re: OpenLinux 2.2: LISA install leaves root access without password
Hi Andrew, We are currently checking whether this is a FTP version only phenomena or not. In any case we will make new (old style) LISA images available this afternoon (MET). Watch for the 138 images. I''ll post a follow-up to this mail when they are available. Note that *only* the LISA (old style) install is affected. The lizard (new style, graphical) install is not affected. To avoid confusion - old style images carry 1xx numbers, new style images carry 2xx numbers. If you had to use the old style images, the quick fix is to remove (after installation) the lines starting with "help" from /etc/passwd and /etc/shadow. Until later Ralf On Sat, May 08, 1999 at 11:46:40PM -0400, Andrew McRory wrote:> > Hello, > > I believe I''ve found a bug in the installation process of OpenLinux 2.2 > when using the LISA boot disk. During the installation a temporary passwd > file is put on the new file system containing the user "help" set uid=0 > gid=0 and no password. Once you are prompted to set the root password and > default user password a new passwd and shadow file is created yet the help > user is left in the shadow file with, you guessed it, no password... Here > are the offending entries: > > /etc/passwd > help:x:0:0:install help user:/:/bin/bash > > /etc/shadow > help::10709:0:365:7:7:: > > Anyone who installed OpenLinux 2.2 using the LISA boot disk should check > their password file now ;-) > > I found this using a cdrom I made from a mirror of the mirror at > ftp.tux.org. Just to make sure I wasn''t mixed up I redownloaded the > install.144 file from ftp.calderasystems.com and tried again. Same thing. > The install disk is version 137 dated 26Mar99 (displayed on the boot > message). > > I wrote Caldera a message late in the day Friday regarding this bug but > haven''t heard back from anyone. I''ve tried to resist posting this until I > hear back but I really feel people should know now!! > > PS: I''m not sure if Lizard, the graphical installation method, has this > problem. It crashes before it does much here.... that''s why I tried LISA. > > Thanks, > > > > Andrew McRory - amacc@linuxsys.com *********************************** > Linux Systems Engineers / The PC Doctors * > 3009-C West Tharpe Street - Tallahassee, FL 32303 * > Voice 850.575.7213 *************************************************** > > -- > ---------------------------------------------------------------------- > Please refer to the information about this list as well as general > information about Linux security at http://www.aoy.com/Linux/Security. > ---------------------------------------------------------------------- > > To unsubscribe: > mail -s unsubscribe linux-security-request@redhat.com < /dev/null-- _____ ___ / __/____/ / Caldera (Deutschland) GmbH / /_/ __ / /__ Lazarettstr. 8, 91054 Erlangen /_____//_/ /____/ Dipl. Inf. Ralf Flaxa, email: rf@caldera.de ==== /_____/ ====== phone: ++49 9131 8978-23, fax: ++49 9131 8978-22 Caldera OpenLinux PGP: 6D 02 48 48 87 9C 6A 9C 30 A8 4D 15 AC CA 96 10