[nasvet] root password v breeziju na vidnem mestu
bl4z
Član Ubuntu.si
torej .. dons je na vseh spletnih noviscih sijala novica v bugu v ubuntu breezy, k v namestitveni log file zapise root password ... kaj to pomen, za tiste k maste (mamo) servere dostopne prek neta ... torej .. opis napake:
smolja !
zdej najlazje se zadeva odprav tko, da vse filaje, kjer se pojav gleslo zbrise iz sistem ter preventivno zamenja root pass ..grep -r rootpassword /var
shows that the rootpassword is forgotten in cleartext by the installer on several occations
/var/log/installer/cdebconf/questions.dat:Value: mypasswd
/var/log/installer/cdebconf/questions.dat:Value: mypasswd
/var/log/debian-installer/cdebconf/questions.dat:Value: mypasswd
/var/log/debian-installer/cdebconf/questions.dat:Value: mypasswd
smolja !
Komentarji
I'm the Ubuntu installer maintainer, so obviously this bug is ultimately my fault. I'm sorry for that - it's clear it shouldn't have sneaked past QA. (We'll be updating our testing processes to be rather more careful about this sort of thing.) Now that I've spent the evening doing security updates to clean up the mess, I thought I might take a moment to explain how this happened, and why it wasn't noticed as an issue in Breezy at the same time as it was fixed in Dapper.
The Ubuntu installer (like Debian) uses a framework called debconf to do all its user interaction; that framework has a backend database which stores all the answers, which is where passwords ended up being stored for this vulnerability. Naturally, when you're asking for passwords using debconf, you take a lot of care to clean them out of the database afterwards: we explicitly clear them out in the password-asking code pretty much as soon as we can, and we have a separate database for the answers to password questions which isn't copied to the directory of installer log files in the final installed system. This had all been working well for some time (e.g. in Hoary).
Unfortunately, the way we arranged for the password question to be asked in the first stage of the Breezy installer meant that two debconf databases were involved rather than one, and the passwords only got cleared out of one of those databases. Even this would have been OK if it weren't for the fact that some changes we needed to make in cdebconf for other reasons in Breezy (I've yet to track down the exact changesets involved, but never mind) broke the mechanism that was supposed to make sure that passwords ended up in a separate database. Sigh.
As for why we didn't notice the problem in Breezy when this was fixed in Dapper, well, that's because the fix in Dapper was part of a massive installer reorganisation ( http://riva.ucam.org/~cjwatson/blog/ubuntu/2006-01-03-single-stage-installer.html ) and it was really just fixed by accident. So it goes.
Anyhow, I've fixed this just about as soon as was humanly possible for me, and take it extremely seriously. While perhaps for some of you it's too little too late, we'll do everything we can to install better defences against this kind of thing in future.
Zanima me se kako naredim da tudi sudo preko ssh-ja ne velja, in da se moram najprej logirat kot uporabnik, nato pa se kot root da pridem do superuser pravic.
...
PermitRootLogin no
AllowUsers mojxxxuser
Prosm če za sssssssssssshh uporabita drugo temo. Npr Mathai je dal en lep vprašanmje na katerga ni dobil odgovor.