Date:      Tue, 12 Mar 2002 15:02:26 +0100 (CET)
From:      Parys <irys@host-212-42.tele2.pl>
To:        freebsd-bugs@FreeBSD.org
Cc:        freebsd-security@FreeBSD.org
Subject:   Re: i386/35816: no one can change password, because "passwd DB is locked"
Message-ID:  <Pine.LNX.4.44.0203121408490.18795-100000@host-212-42.tele2.pl>

my comment for these:
http://www.freebsd.org/cgi/query-pr.cgi?pr=35816
at bottom, below quote:

--- cut ---

no one can change password, because "passwd DB is locked"

Confidential: no
Severity: serious
Priority: medium
Responsible: freebsd-bugs@FreeBSD.org
State: closed
Class: sw-bug
Submitter-Id: current-users
Arrival-Date: Tue Mar 12 03:10:01 PST 2002
Closed-Date: Tue Mar 12 03:43:52 PST 2002
Last-Modified: Tue Mar 12 03:43:52 PST 2002
Originator: Slawomir Parysek <irys@irc.pl>
Release: 4.5-RELEASE
Organization: ArgNet

Environment
FreeBSD my.host.name.com.pl 4.5-RELEASE FreeBSD 4.5-RELEASE #0: Mon Jan 28
14:31:56 GMT 2002
murray@builder.freebsdmall.com:/usr/src/sys/compile/GENERIC  i386

Description
    When one (malicious) user edits his own passwd database (via $ chpass
command), no one can change password, because "passwd DB is locked". Also
root can't change any information in passwd database, e.g. add/delete
    It is a very important problem, especially on systems which act as a shell
box (TM.).


How-To-Repeat
how to repeat, huh, that's simple:
log in to an account and leave a running "chpass" command on screen and log
out, huh, no one can change his/her passwd and/or any other info by editing
/etc/passwd* etc

Fix
      how to fix it? hmm... block access to command chpass for all
suspicious users ;-P

Audit-Trail
State-Changed-From-To: open->closed
State-Changed-By: billf
State-Changed-When: Tue Mar 12 03:41:48 PST 2002
State-Changed-Why:
this is not a bug. root can find the process that is holding the lock
on the password database and kill both it and the user holding it.


http://www.FreeBSD.org/cgi/query-pr.cgi?pr=35816


--- /cut ---


Hi all.

I'm afraid it can be a big problem. I know, it's obvious, root can kill both
the user and the process that is holding the lock on the passwd database, but
it may be problematic to monitor and/or kill all users (who play a joke) and
their processes, especially on a production system where all the tens/hundreds
of users pay $ for their accounts, where a lot of real users have access to one
account, and some users are careless about what they do.

The simple way to prevent such an incident is to build a shell-based or perl
script and run it periodically from crontab or run it in daemon-like
mode (loop), a script which takes care of the passwd database of course and
some users which can lock it, or whatever.

I think (if I can ever think ;o) that the better way is to fix this problem in
the "chpass" binary file or whatever.

thanks a lot for attention
best regards


Parys
irys@irc.pl


ps: sorry for my bad English knowledge
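
The periodic check suggested in the message above, sketched as an added example that is not part of the original e-mail or of FreeBSD. It only reports long-running password-database editors so that root can decide what to do with them, as the PR closure describes. The `ps` column list, the watched program names and the 15-minute limit are assumptions, and the sample process list is constructed.

```shell
#!/bin/sh
# Added example: report password-database editors that have run too long.
# Assumptions (not from the e-mail): ps(1) accepts "-axo pid,user,etime,comm";
# the watched names and the 15-minute limit are local policy choices.
MAX_AGE=${MAX_AGE:-900}
WATCH=${WATCH:-"chpass chfn chsh vipw"}

# stdin: "PID USER ELAPSED COMMAND" lines; stdout: "pid user seconds command"
stale_lock_holders() {
    awk -v max="$MAX_AGE" -v watch="$WATCH" '
    function secs(e,    d, p, k, i, s) {   # etime is [[dd-]hh:]mm:ss
        d = 0
        if (index(e, "-")) { split(e, p, "-"); d = p[1]; e = p[2] }
        k = split(e, p, ":"); s = 0
        for (i = 1; i <= k; i++) s = s * 60 + p[i]
        return d * 86400 + s
    }
    BEGIN { n = split(watch, w, " "); for (j = 1; j <= n; j++) want[w[j]] = 1 }
    $1 ~ /^[0-9]+$/ {                      # skips the ps header line
        name = $4; sub(/^.*\//, "", name)  # tolerate a full path in COMMAND
        t = secs($3)
        if ((name in want) && t > max) print $1, $2, t, name
    }'
}

# Constructed sample of ps output, used for the offline demonstration.
sample_ps() {
cat <<'EOF'
  PID USER       ELAPSED COMMAND
  412 root    3-02:11:09 cron
 9120 alice        00:42 chpass
 9377 mallory 1-03:15:20 chpass
 9401 bob       02:10:05 vipw
 9555 carol        12:00 sh
EOF
}

if [ "${1:-}" = "--live" ]; then
    # From cron: any output is mailed to the crontab owner for review.
    ps -axo pid,user,etime,comm | stale_lock_holders
else
    sample_ps | stale_lock_holders
fi
```

Run from root's crontab with `--live`, the script produces output only when an editor has outlived `MAX_AGE`.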







