Allowing passwordless login via GDM
Ouattara Oumar Aziz
wattazoum at gmail.com
Fri Feb 23 11:42:54 UTC 2007
> Moreover, this feature won't bring down security at all: you still need
> to enter your password to use gksudo, or ssh... This is only an old
> Unix-geek reflex putting down Windows about its lacks. But this is not a
> lack, even Windows has many! Linux power is that you can enable almost
> all features you want/need, while they are not dangerous
An example of security related to that hit me. Let's say we have a
passwordless account called "User". then let's install xchat-gnome ( IRC
chat client). Xchat is well done, and nicely integrated in ubuntu, so
when you launch it, it proposes you to take your login as a nickname,
well, since *User* don't care he just accepts.
Suppose there is a security hole/feature (on xchat or another program or
server ) that can give a third person access to the computer and propose
him to login ( badly set up ssh, or another daemon like vnc ). the third
person already knows the login, and don't need a password. He is in ! (
to prevent that the computer manager should have well set up the
computer, right ? so he should have work more just to let people login
You might tell me , "yeah, the guy is in but got no administrative right
!" . First he can destroy all *User*'s datas. Isn't that bad enough ?
Let's continue. By default, any user has read access to /etc/passwd .
then he could get all users login there. There is obviously one of them
with sudo right. So now he has passed the security introduced by ubuntu
in forcing the pirate to found a pair "login/password".
All of that because we created a user without password. :(
More information about the Ubuntu-devel-discuss