Bug 20533 - root's password doesn't unlock
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: vlock
Version: 7.0
Hardware: i386 Linux
Priority: medium, Severity: medium
Assigned To: Michael K. Johnson
Keywords: Security
Reported: 2000-11-08 14:13 EST by Trond Eivind Glomsrød
Modified: 2008-05-01 11:37 EDT
Doc Type: Bug Fix
Last Closed: 2001-03-29 21:28:30 EST
Description Trond Eivind Glomsrød 2000-11-08 14:13:25 EST
When locking a tty with "vlock -a", if the user's password isn't correct
you'll be asked for root's password. However, this will always be rejected,
so root can't unlock - or switch to other consoles, making this an
effective DOS.
Comment 1 Andrew Bartlett 2000-11-11 02:08:35 EST
vlock is not set-uid root, and as such cannot do anything the user couldn't do
already.  Unfortunately this also includes validating the root password (in most
circumstances).  (Users can validate their own password, but only by using a
small helper app invoked by PAM).

BTW, vlock -a also was the subject of a security advisory
(http://lwn.net/2000/1109/a/sec-vlock.php3), as -a allowed any user to bypass
the password (ouch...).
Comment 2 Mark Doliner 2001-03-29 21:28:27 EST
Just as a tiny note, entering the user's password when prompted for root's
password will resume the user session.  It seems like if you're not going to
allow root to log in, you should at least change the prompt to "user's
Password:" rather than "root's Password:"
Comment 3 Michael K. Johnson 2002-01-18 12:54:33 EST
Software: that's the design behaviour; it's not giving you a new shell.
abartlett: you are right, there's no additional DOS beyond what you can
do anyway.
