xo root passwd

david at lang.hm david at lang.hm
Mon Jan 14 12:59:22 EST 2008


On Mon, 14 Jan 2008, starsu at media.mit.edu wrote:

> Date: Mon, 14 Jan 2008 07:42:55 -0500
> From: starsu at media.mit.edu
> To: acahalan at gmail.com
> Cc: devel at lists.laptop.org, bernie at codewiz.org
> Subject: xo root passwd
> 
> Dear all,
>
> I did reflash my OLPC NAND into joyride 1501, and afterward rebooted
> it. When I  did login as root, it asked me password. Can you kindly
> let me know what the password is?

you can do 'sudo passwd' to set the password to a known value

David Lang

> Thanks,
>
> Sung-Hyuck
>
> On Sun, 2008-01-13 at 20:45 -0500, Albert Cahalan wrote:
> Bernardo Innocenti writes:
>>> Albert Cahalan wrote:
>>>> Bernardo Innocenti writes:
>>>>
>>>>> What we're actually doing is just to disable them in the
>>>>> default installation so that malicious activities cannot
>>>>> login as root or olpc and basically own the system.
>>>>
>>>> This is NOT needed at all.
>>>>
>>>> I wrote and tested an /etc/pam.d/su modification that will
>>>> prohibit all non-wheel users from getting su to work.
>>>
>>> What use is it if an application can login, su or sudo as
>>> user olpc with no password and _then_ su to root?
>>
>> No use, but the application can't do that, so the point is moot.
>>
>> That rule will block an "su" to/from any UID. Note that I
>> did not use pam_wheel, which fails to protect user "olpc".
>> I used pam_succeed_if to require the wheel group.
>>
>> This is even easier:
>>
>> chown root:wheel /bin/su
>> chmod 4550 /bin/su
>> _______________________________________________
>> Devel mailing list
>> Devel at lists.laptop.org
>> http://lists.laptop.org/listinfo/devel
>
> _______________________________________________
> Devel mailing list
> Devel at lists.laptop.org
> http://lists.laptop.org/listinfo/devel
>


More information about the Devel mailing list