WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: Big security flaw with custom user and noautologin  (Read 2814 times)

Offline baz

  • Full Member
  • ***
  • Posts: 216
Big security flaw with custom user and noautologin
« on: February 26, 2010, 01:18:52 PM »
If you specify a custom user and noautologin in the bootcodes (already having set the passwords and all) you can simply bypass it all by providing the user "tc" with no password to get into the system.

Please let me know if I should not report problems or issues regarding custom users since bmarkus let me know in another thread that focus on this is being delayed to a later date.

Baz

Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4249
Re: Big security flaw with custom user and noautologin
« Reply #1 on: February 26, 2010, 01:23:20 PM »
Did you also set a password for tc?

Offline baz

  • Full Member
  • ***
  • Posts: 216
Re: Big security flaw with custom user and noautologin
« Reply #2 on: February 26, 2010, 01:27:48 PM »
No, went directly to custom user. That would very likely work but should be documented I guess

Offline baz

  • Full Member
  • ***
  • Posts: 216
Re: Big security flaw with custom user and noautologin
« Reply #3 on: February 26, 2010, 01:38:40 PM »
Another issue actually - and perhaps I am misunderstanding how this is supposed to work - if I am using the default user "TC" (on a fresh install without ever having specified a custom user) and I want to specify noautologin - I first have to temporarily provide the bootcode "secure" to set the passwords. Once those are set, I remove the "secure" bootcode, and provide /etc/shadow to .filetool.lst, is this correct?

The problem is if I do that, and reboot, TC does not require a password, but if I keep the "secure" bootcode I am asked to redo my passwords at every boot.

Thoughts?

Offline danielibarnes

  • Hero Member
  • *****
  • Posts: 546
Re: Big security flaw with custom user and noautologin
« Reply #4 on: February 26, 2010, 01:57:20 PM »
Are you certain the backup containing your custom etc/shadow was restored?

I agree that if you specify a custom user the tc user should not even be present, but that likely involves a lot of changes and testing so I figure it will be investigated after 2.9 is released.
« Last Edit: February 26, 2010, 01:59:46 PM by danielibarnes »

Offline baz

  • Full Member
  • ***
  • Posts: 216
Re: Big security flaw with custom user and noautologin
« Reply #5 on: February 26, 2010, 01:59:00 PM »
No not certain at all, how can I check?

Offline danielibarnes

  • Hero Member
  • *****
  • Posts: 546
Re: Big security flaw with custom user and noautologin
« Reply #6 on: February 26, 2010, 02:01:19 PM »
Quote
No not certain at all, how can I check?
Use the "pause" boot parameter to look for a "backup restored" message. Also, compare the contents of /etc/shadow with the default and what is in your mydata.tgz.

Offline baz

  • Full Member
  • ***
  • Posts: 216
Re: Big security flaw with custom user and noautologin
« Reply #7 on: February 26, 2010, 02:05:40 PM »
Oh man, I am such an idiot. This is my first time using MicroCore and I am so used to associating backing up with rebooting in TinyCore that I never ran: filetool.sh backup

Embarrassing.

Thanks!

By the way, do you have to do chpasswd at some point too, or noautologin/secure are all that's needed?

Offline danielibarnes

  • Hero Member
  • *****
  • Posts: 546
Re: Big security flaw with custom user and noautologin
« Reply #8 on: February 26, 2010, 02:14:24 PM »
once you save the password in /etc/shadow you only need the noautologin boot parameter.

Offline baz

  • Full Member
  • ***
  • Posts: 216
Re: Big security flaw with custom user and noautologin
« Reply #9 on: February 26, 2010, 02:15:44 PM »
so I never needed to chpasswd, not even once?

Offline danielibarnes

  • Hero Member
  • *****
  • Posts: 546
Re: Big security flaw with custom user and noautologin
« Reply #10 on: February 26, 2010, 02:33:00 PM »
Not if you already set the passwords with "secure." If you examine /etc/init.d/tc-config you will see that it uses chpasswd to set the passwords. There are three different ways to set passwords:
1) Boot with the "secure" boot parameter,
2) Use chpasswd, or
3) Use passwd.

Offline baz

  • Full Member
  • ***
  • Posts: 216
Re: Big security flaw with custom user and noautologin
« Reply #11 on: February 26, 2010, 02:38:54 PM »
awesome possum - can we rename "secure" to "setpassword"

Offline moB

  • WikiUser
  • *
  • Posts: 43
Re: Big security flaw with custom user and noautologin
« Reply #12 on: February 27, 2010, 01:14:51 AM »
once you save the password in /etc/shadow you only need the noautologin boot parameter.

Suppose one could still boot to CMD only (noX) edit shadow so passwords are blank ("root::...") done this before when passwords were lost (old OS hadn't been in use, but I needed to access some files...)

Often setting bootcode "linux single" results in root login without need to edit shadow; this has worked before, too. Is it prevented in TC?

Keep access to your (physical box) system secure and you will be secure.
Paswords are only a slight deterence to intrusion. Even windoze can be accessed by simple methods.
Check out RecoveryCD (gentoo-based.)

b.

"Ships are safe in harbor, but were never meant to stay there."

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 9612
Re: Big security flaw with custom user and noautologin
« Reply #13 on: February 27, 2010, 04:04:23 AM »
There are no runlevels in TC, so the single code wouldn't do anything.
The only barriers that can stop you are the ones you create yourself.

Offline moB

  • WikiUser
  • *
  • Posts: 43
Re: Big security flaw with custom user and noautologin
« Reply #14 on: February 27, 2010, 04:16:08 AM »
Also, my comments about security weakness do not apply to encrypted backups. So for those needing more security the "protect" boot option seems best.

It still wouldn't protect those files in persistent mode, of course. So adjust settings to suit your requirements.

b

"and yet so mystical and well nigh ineffable was it, that I almost despair of putting it in a comprehensible form."
The Whale