xo root passwd
starsu at media.mit.edu
starsu at media.mit.edu
Mon Jan 14 07:42:55 EST 2008
Dear all,
I did reflash my OLPC NAND into joyride 1501, and afterward rebooted
it. When I did login as root, it asked me password. Can you kindly
let me know what the password is?
Thanks,
Sung-Hyuck
On Sun, 2008-01-13 at 20:45 -0500, Albert Cahalan wrote:
Bernardo Innocenti writes:
> > Albert Cahalan wrote:
> >> Bernardo Innocenti writes:
> >>
> >>> What we're actually doing is just to disable them in the
> >>> default installation so that malicious activities cannot
> >>> login as root or olpc and basically own the system.
> >>
> >> This is NOT needed at all.
> >>
> >> I wrote and tested an /etc/pam.d/su modification that will
> >> prohibit all non-wheel users from getting su to work.
> >
> > What use is it if an application can login, su or sudo as
> > user olpc with no password and _then_ su to root?
>
> No use, but the application can't do that, so the point is moot.
>
> That rule will block an "su" to/from any UID. Note that I
> did not use pam_wheel, which fails to protect user "olpc".
> I used pam_succeed_if to require the wheel group.
>
> This is even easier:
>
> chown root:wheel /bin/su
> chmod 4550 /bin/su
> _______________________________________________
> Devel mailing list
> Devel at lists.laptop.org
> http://lists.laptop.org/listinfo/devel
More information about the Devel
mailing list