
Re: [suse-security] password change on NIS as root?

On Fri, Dec 19, 2003 at 04:02:40PM +0000, Bob Vickers wrote:
> But I was very surprised that rpasswdd works without you needing to create
> an entry in /etc/hosts.allow. So although rpasswd fixes one security hole
> by preventing plaintext passwords going across the network it potentially
> opens up another. With our old setup even if someone managed to discover
> the root password it was useless to them unless they also knew an
> administrator's regular password because neither ssh nor su let them gain
> root privilege except from a very small number of accounts.  But now they
> can run rpasswd from any machine on the campus and rpasswdd will
> happily let them change any user's password.

I think letting users discover the root password of your server machine is
really really bad. If that happens, you're almost toast anyway. rpasswdd
is far from the only service granting folks knowing the root password
special privileges. LDAP comes to mind.

I agree though that the ability to turn admin mode off or limit it
to a set of trusted IPs could be helpful. Would you care to submit
a patch?

Olaf Kirch     |  Stop wasting entropy - start using predictable
okir@xxxxxxx   |  tempfile names today!
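To make the "limit admin mode to a set of trusted IPs" idea above concrete, here is a small policy model written for this archive page (it is not rpasswdd's code and has nothing to do with the patch discussed). It assumes a daemon that already knows which account the client authenticated as and the client's source address; the network ranges are constructed placeholders, and IPv4-mapped IPv6 peers are normalised so a dual-stack listener does not silently bypass an IPv4 allow-list.

```python
import ipaddress

# Constructed policy, not real campus ranges: hosts from which a client
# that knows the root password may change OTHER users' passwords.
TRUSTED_ADMIN_NETS = [
    ipaddress.ip_network("10.0.0.0/24"),
    ipaddress.ip_network("192.0.2.10/32"),
]


def admin_mode_allowed(peer_addr, admin_enabled=True, trusted=TRUSTED_ADMIN_NETS):
    """True if root-authenticated password changes are permitted from peer_addr."""
    if not admin_enabled:          # the "turn admin mode off" switch
        return False
    try:
        addr = ipaddress.ip_address(peer_addr)
    except ValueError:
        return False               # unparsable peer address: fail closed
    # A v6 socket hands IPv4 clients to us as ::ffff:a.b.c.d; compare the
    # embedded IPv4 address, otherwise no IPv4 allow-list entry ever matches.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in trusted)


def decide(peer_addr, target_user, authenticated_as,
           admin_enabled=True, trusted=TRUSTED_ADMIN_NETS):
    """Hypothetical decision for a password-change request.

    A user may always change their own password (plain rpasswd use).
    Changing someone else's password needs the root password AND a peer
    inside the trusted set, which is exactly the gap the thread describes.
    """
    if target_user == authenticated_as:
        return "allow"
    if authenticated_as != "root":
        return "deny: not root"
    if not admin_mode_allowed(peer_addr, admin_enabled, trusted):
        return "deny: admin mode not permitted from this host"
    return "allow"
```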
