Re: vlock vulnerability in RedHat 7.0



On Wed, Nov 08, 2000 at 09:53:24AM -0500, Jon Lewis wrote:
> Contrary to the prompt and the man page, the root password will not unlock
> this VC.  The user's password, entered at either of the (jlewis|root)'s
> Password: prompts will unlock the VC.  I've tested this on Red Hat 6.2 and
> 7.0.
It's a feature!

This is due to PAM: all programs of this type (xlock is another)
are not setuid; the PAM libraries invoke a suid helper, /sbin/pwdb_chkpwd,
that checks the password only for the user that is invoking it.
So no more root unlocking the display.
(This is not an issue if root can remotely log in to the machine and
kill the lock process.)

Regards,
Luca.

--
Luca Berra -- bluca@comedia.it
    Communication Media & Services S.r.l.
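
Added example, not part of the original message and not the source of vlock or pwdb_chkpwd: a small C model of the behaviour described above, in which a non-setuid locker hands the typed password to a helper that picks the account from the caller's real uid. The account table, the uid 500 and the secrets are constructed, and the names helper_check and try_unlock are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Constructed account table standing in for the shadow database. */
struct account { const char *name; uid_t uid; const char *secret; };
static const struct account ACCOUNTS[] = {
    { "root",   0,   "root-secret"   },   /* constructed sample values */
    { "jlewis", 500, "jlewis-secret" },
};

static const struct account *by_uid(uid_t uid) {
    for (size_t i = 0; i < sizeof ACCOUNTS / sizeof ACCOUNTS[0]; i++)
        if (ACCOUNTS[i].uid == uid) return &ACCOUNTS[i];
    return NULL;
}

/* Model of the setuid helper (assumption: the account is chosen from the
 * caller's real uid, never from a name given by the unprivileged caller).
 * strcmp stands in for the crypt(3) hash comparison. Returns 1 on match. */
static int helper_check(uid_t caller_uid, const char *typed) {
    const struct account *a = by_uid(caller_uid);
    return a != NULL && strcmp(a->secret, typed) == 0;
}

/* Model of the non-setuid locker: whichever prompt is on screen, all it can
 * do is pass the typed password to the helper, which runs with its uid. */
static int try_unlock(uid_t locker_uid, const char *prompt_user, const char *typed) {
    (void)prompt_user;   /* the prompt label has no effect on the check */
    return helper_check(locker_uid, typed);
}

int main(void) {
    uid_t jlewis = 500;  /* constructed uid of the user who locked the VC */
    printf("root's password at root prompt:   %d\n",
           try_unlock(jlewis, "root", "root-secret"));
    printf("user's password at root prompt:   %d\n",
           try_unlock(jlewis, "root", "jlewis-secret"));
    printf("user's password at user prompt:   %d\n",
           try_unlock(jlewis, "jlewis", "jlewis-secret"));
    return 0;
}
```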