disabling root and olpc passwords

Bernardo Innocenti bernie at codewiz.org
Sun Jan 13 18:59:59 EST 2008


Albert Cahalan wrote:
> Bernardo Innocenti writes:
> 
>> What we're actually doing is just to disable them in the
>> default installation so that malicious activities cannot
>> login as root or olpc and basically own the system.
> 
> This is NOT needed at all.
> 
> I wrote and tested an /etc/pam.d/su modification that will
> prohibit all non-wheel users from getting su to work.

What use is it if an application can login, su or sudo as
user olpc with no password and _then_ su to root?

You can close all the open doors one by one by ruling out
logins with empty passwords like ssh does, but then what
would be the difference between an empty password and
no password at all?

Captain Obvious just told me that on any UNIX system, setting
an empty password should enable a user to login without typing
a password, while disabling the password should instead disable
logins by that user.

The ssh default of not accepting empty passwords is just
a bit too paranoid for some scenarios, and not paranoid enough
for others (why not also disallow stupid passwords? :-)


> Apply both if you wish, but either alone will do nicely.
> There are other ways too, like SE Linux.

While I would certainly consider improvements, what's wrong
that we're trying to fix with this simple solution we already
adopted?

-- 
 \___/
 |___|   Bernardo Innocenti - http://www.codewiz.org/
  \___\  One Laptop Per Child - http://www.laptop.org/



More information about the Devel mailing list