root login possible on console without auth check
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
pam (Ubuntu) | Invalid | Low | Kees Cook |
Bug Description
Binary package hint: libpam-runtime
When I go to the console (tty1, tty2, ...), e.g. by typing C-A-F1, I can log in as root without a password. This is a security risk (in my opinion) for computers that are unsupervised in public areas.
My system is an i386 Samsung notebook running Feisty.
The root account is passwordless by default in an Ubuntu system and I usually do 'sudo whatever' for administration purposes. This is in accordance with Ubuntu philosophy.
The console login is PAM-controlled and the file /etc/pam.
auth required pam_unix.so nullok_secure
which is the troublemaker. The option 'nullok_secure' is Ubuntu-specific and, if I understand the source (I have found no documentation), it allows console login for passwordless users.
I think that 'root' should be excluded from this. For my system I remove the option 'nullok_secure' from 'auth' to make my system more secure.
Maybe this is already known or even desired by design, but I think it should not be like this. At least users should be warned.
First, can anyone try to reproduce this? Maybe I screwed up something else.
Thanks in advance. And thanks for Ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu better.
The default root password does not exist (rather than being "empty"). You can verify this with:
sudo grep root /etc/shadow
It should report a line starting with:
root:!:....
The "!" means the password is locked. With a default Feisty install, I am not able to log in as root as you've described. Have you made any changes to root's password or your PAM configurations?
Thanks in advance.
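The two things the thread turns on are (a) what the password field of root's /etc/shadow entry actually contains (a locked "!" marker, as Kees describes, versus a genuinely empty field) and (b) whether the PAM auth stack for pam_unix.so carries nullok or nullok_secure, which is what lets an empty field authenticate at all. The following POSIX sh script is an added example written for this page; it is not code from the bug report, from Kees Cook, or from the pam package. It reproduces both checks on constructed sample data instead of touching the live /etc/shadow and /etc/pam.d, and the helper names (shadow_pw_state, pam_auth_nullok, root_console_risk) are this example's own. The distinction it makes is that a "!" field is locked and nullok does not help an attacker, whereas an empty field combined with nullok or nullok_secure on the auth line is the password-less console login the reporter saw (nullok_secure additionally requires the tty to be listed in /etc/securetty, which the virtual consoles normally are).

```shell
#!/bin/sh
# Added example for this bug thread, not the project's own code.
# Classifies a /etc/shadow password field and counts nullok-style options
# on pam_unix.so auth lines, then combines the two into a risk verdict.

# shadow_pw_state SHADOW_LINE  -> prints locked | empty | hashed | unknown
# Field 2 of a shadow entry is the password. A leading '!' (what passwd -l
# and a fresh Ubuntu install produce for root) or '*' means no password
# will ever match; an empty field is the dangerous case.
shadow_pw_state() {
    pw=$(printf '%s\n' "$1" | cut -d: -f2)
    case "$pw" in
        '!'*|'*'*) echo locked ;;
        '')        echo empty ;;
        '$'*)      echo hashed ;;   # $id$salt$hash, a real password
        *)         echo unknown ;;
    esac
}

# pam_auth_nullok PAM_CONFIG_TEXT -> number of 'nullok' / 'nullok_secure'
# tokens found on auth lines that invoke pam_unix.so. 0 means an empty
# password field cannot authenticate through this stack.
pam_auth_nullok() {
    printf '%s\n' "$1" | awk '
        $1 == "auth" && /pam_unix\.so/ {
            for (i = 1; i <= NF; i++)
                if ($i == "nullok" || $i == "nullok_secure") n++
        }
        END { print n + 0 }'
}

# root_console_risk SHADOW_LINE PAM_CONFIG_TEXT -> at-risk | ok
# Only the combination of an empty password field AND a nullok option on
# the auth line allows a password-less console login; either alone does not.
root_console_risk() {
    state=$(shadow_pw_state "$1")
    n=$(pam_auth_nullok "$2")
    if [ "$state" = empty ] && [ "$n" -gt 0 ]; then
        echo at-risk
    else
        echo ok
    fi
}

# Constructed sample data (not copied from any real system).
SHADOW_LOCKED='root:!:13560:0:99999:7:::'      # default Feisty install
SHADOW_EMPTY='root::13560:0:99999:7:::'        # what the reporter's symptom implies
PAM_DEFAULT='auth required pam_unix.so nullok_secure'
PAM_HARDENED='auth required pam_unix.so'       # reporter's workaround

# Stand-alone demonstration; the functions above are what a real check
# would run against "sudo grep '^root:' /etc/shadow" and /etc/pam.d/common-auth.
for shadow in "$SHADOW_LOCKED" "$SHADOW_EMPTY"; do
    for pam in "$PAM_DEFAULT" "$PAM_HARDENED"; do
        printf 'shadow=%-10s pam_nullok=%s -> %s\n' \
            "$(shadow_pw_state "$shadow")" "$(pam_auth_nullok "$pam")" \
            "$(root_console_risk "$shadow" "$pam")"
    done
done
```

Run it as `sh check.sh`; only the empty-field plus nullok_secure combination reports at-risk, which is consistent with Kees's observation that a default install with a locked root entry is not affected, and with the reporter's workaround of dropping nullok_secure closing the hole even if the field is empty.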