Trouble Logging In as Root

Mark Haney mhaney at ercbroadband.org
Mon Nov 10 15:14:48 UTC 2008


Nils Kassube wrote:
> Mark Haney wrote:
>> CLIFFORD ILKAY wrote:
>>> Ignore the advice to set a root password.
>> NEVER leave root without a 
>> password.  PERIOD.  
> 
> Why do I need a root password if the root account is locked? Clifford 
> didn't advise to use a blank password but to leave the root account 
> locked.
> 
>> This is not only probably the biggest security hole 
>> ever, it's just plain wrong.  Root is (in the phrasing of Ric Flair)
>> 'THE MAN'.  It can do everything.  Anyone leaving root exposed runs a
>> big risk.
> 
> Then it is even better to have no root password set but keep the root 
> account locked to reduce the exposure, or am I missing something?

Locking the root account is fine, even preferred, but leaving it 
'unlockable' and with an empty password is still (IMHO) a bad idea.  I've 
never preferred locking it WITHOUT a passwd.  Again, my advice, be 
paranoid.

> 
>> I am aware of the fact that Ubuntu gives sudo access to virtually
>> everything for the first user, 
> 
> But you don't seem to be aware that the root account doesn't have a blank 
> password but we have a locked root account. You simply can't login as 
> root unless you intentionally set a root password.

I am aware, but that still is only part of the problem, with sudo access 
you can unlock root, and still make yourselves even more vulnerable 
without a hard to crack passwd.  Sure, if the primary user is 
compromised, you're screwed anyway, but the point here is never do just 
one or the other.  Do both.  Of course, this only comes with experience, 
I've had that happen to me once.  Long ago.  But hey, it's your system. 
Do what you want, I'm just offering my experiences in the past.  Never 
assume locking root is enough.


> 
>> but let's examine the possibilities 
>> here. Let's say I compromise your system's primary user account. I can
>> sudo into root, then lock everyone else out with a couple changes to
>> sudo using visudo as well as edit the root passwd.  What do you do
>> then? You're busted.  Period.  There is no real recovery from that,
>> because even with a rescue CD you pretty much need to know the root
>> passwd. 
> 
> Why that? I use the Ubuntu LiveCD and can easily get a root shell 
> with "sudo su". Then I can mount the HD of the compromised system and 
> make changes to get access again.

Sure, yeah, that works but only when you have the LiveCD with you.  I 
personally either a) don't always carry boot disks with me or b) am too 
far away from said system to use one.  Sure, I carry around a bootable 
flash drive that can work, but I don't always carry it with me.  Again, 
my advice, never assume you'll have one with you, or be close enough to 
the system to use it.  Trust me, when the poop hits the fan, you're 
almost always missing something that would make life easier on hand with 
you.  (Unless you're MacGyver, then it's open season.)



> 
> 
> Nils
> 


-- 
Frustra laborant quotquot se calculationibus fatigant pro inventione 
quadraturae circuli

Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415

Call (866) ERC-7110 for after hours support
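
[Added example, not part of the original message or of any poster's own code.] The states argued over in this thread (locked with no password, locked with a password hash retained, and an empty password) are all visible in the second field of a shadow(5) entry. The sketch below classifies that field; the function names, the extra account names and the placeholder hashes are constructed for illustration, and it assumes hashes use the modular `$id$...` form.

```shell
#!/bin/sh
# Added example: report how an account's password is stored in a shadow(5) file.

# Map a shadow password field (2nd colon-separated field) to a state.
# Assumption: real hashes use the modular "$id$..." form.
classify_shadow_field() {
    case "$1" in
        '')     echo EMPTY ;;              # no password needed to authenticate
        '!$'*)  echo LOCKED_WITH_HASH ;;   # locked; previous hash kept after "!"
        '!'*)   echo LOCKED_NO_HASH ;;     # locked; no hash behind the lock
        '*'*)   echo NO_VALID_PASSWORD ;;  # no password can ever match
        '$'*)   echo PASSWORD_SET ;;       # unlocked, password login possible
        *)      echo UNKNOWN ;;
    esac
}

# shadow_state USER [FILE]: look up USER (exact match) and classify its field.
# Prints NOT_FOUND if the user is missing or the file cannot be read.
shadow_state() {
    _file=${2:-/etc/shadow}
    _field=$(awk -F: -v u="$1" '$1 == u { print $2; f = 1 } END { exit !f }' "$_file") \
        || { echo NOT_FOUND; return 1; }
    classify_shadow_field "$_field"
}

# Constructed sample entries (hashes are placeholders, not real crypt output).
sample_shadow() {
    cat <<'EOF'
root:!:14193:0:99999:7:::
rootb:!$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:14193:0:99999:7:::
rootc::14193:0:99999:7:::
rootd:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:14193:0:99999:7:::
daemon:*:14193:0:99999:7:::
EOF
}

# Demo over the sample; on a live system run `shadow_state root` as root.
_tmp=$(mktemp) && sample_shadow > "$_tmp"
for _u in root rootb rootc rootd daemon; do
    printf '%-7s %s\n' "$_u" "$(shadow_state "$_u" "$_tmp")"
done
rm -f "$_tmp"
```

In the sample, `root` is the locked, passwordless state Nils describes, `rootb` is the "do both" state (locked, with a hash still behind the lock), and `rootc` is the empty-password case.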