Allowing passwordless login via GDM

Ouattara Oumar Aziz wattazoum at gmail.com
Fri Feb 23 11:42:54 UTC 2007


> Moreover, this feature won't bring down security at all: you still need 
> to enter your password to use gksudo, or ssh... This is only an old 
> Unix-geek reflex putting down Windows about its lacks. But this is not a 
> lack, even Windows has many! Linux power is that you can enable almost 
> all features you want/need, while they are not dangerous
An example of a security issue related to that just hit me. Let's say we have a 
passwordless account called "User". Then let's install xchat-gnome (an IRC 
chat client). Xchat is well done and nicely integrated in Ubuntu, so 
when you launch it, it proposes that you use your login as a nickname; 
well, since *User* doesn't care, he just accepts.
Suppose there is a security hole/feature (in xchat, another program, or a 
server) that can give a third person access to the computer and propose 
that he log in (badly set up ssh, or another daemon like vnc). The third 
person already knows the login and doesn't need a password. He is in! 
(To prevent that, the computer manager should have set the computer up 
well, right? So he would have had to work more just to let people log in 
without a password.)

You might tell me, "yeah, the guy is in but has no administrative rights!" 
First, he can destroy all of *User*'s data. Isn't that bad enough? 
Let's continue. By default, any user has read access to /etc/passwd, 
so he can get all the user logins there. There is obviously one of them 
with sudo rights. So now he has bypassed the security introduced by Ubuntu 
in forcing the pirate to find a "login/password" pair.

All of that because we created a user without a password. :(
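The two conditions the post chains together (an account with no password at all, and the sudo-holding logins that /etc/passwd and /etc/group expose to anyone on the box) can be checked mechanically. The script below is an added example written for this page, not code from the poster or from Ubuntu; the passwd, shadow and group contents it parses are constructed samples, and the group names it treats as "sudo-granting" (admin and sudo) are an assumption about a default Ubuntu sudoers of that era.

```shell
#!/bin/sh
# Added example (not from the original post): audit for passwordless logins
# and for who holds sudo rights via group membership. All three samples are
# constructed for illustration; they are not from a real machine.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
user:x:1001:1001:User:/home/user:/bin/bash
guest:x:1002:1002:Guest:/home/guest:/bin/false'

SAMPLE_SHADOW='root:$6$saltsalt$hashedhashedhashed:17000:0:99999:7:::
daemon:*:17000:0:99999:7:::
alice:$6$saltsalt$otherhashotherhash:17000:0:99999:7:::
user::17000:0:99999:7:::
guest::17000:0:99999:7:::'

SAMPLE_GROUP='root:x:0:
admin:x:112:alice
sudo:x:27:
user:x:1001:'

# Logins with an interactive shell, i.e. what anyone who can read the
# world-readable /etc/passwd harvests as candidate usernames.
list_logins() {
    printf '%s\n' "$1" | awk -F: '$7 !~ /(false|nologin)$/ { print $1 }'
}

# Accounts whose shadow password field is empty: no password is asked for.
# A "*" or "!" in that field locks the account; a hash requires a password.
passwordless_accounts() {
    printf '%s\n' "$1" | awk -F: '$2 == "" { print $1 }'
}

# Members of the groups assumed here to map to full sudo (admin, sudo).
sudo_members() {
    printf '%s\n' "$1" | awk -F: '$1 == "admin" || $1 == "sudo" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
    }'
}

# Cross-reference the three views: a passwordless interactive login is a
# WARNING; one that also sits in a sudo-granting group is CRITICAL.
audit() {
    pw=$1; sh=$2; gr=$3
    pl=$(passwordless_accounts "$sh")
    sm=$(sudo_members "$gr")
    for u in $(list_logins "$pw"); do
        if printf '%s\n' "$pl" | grep -qx "$u"; then
            if printf '%s\n' "$sm" | grep -qx "$u"; then
                echo "CRITICAL $u: no password and sudo rights"
            else
                echo "WARNING $u: no password"
            fi
        fi
    done
}

# On a live system you would run it as:
#   audit "$(cat /etc/passwd)" "$(sudo cat /etc/shadow)" "$(cat /etc/group)"
# The samples reproduce the post's scenario: "user" has no password, and
# "alice" is the sudo holder whose login is visible in /etc/passwd.
audit "$SAMPLE_PASSWD" "$SAMPLE_SHADOW" "$SAMPLE_GROUP"
```

Note that the script needs root to read /etc/shadow, which is the point: an attacker who has only the "User" shell cannot read the hashes, but does not need to, because the login list in /etc/passwd and the group list in /etc/group are readable by everyone.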





More information about the Ubuntu-devel-discuss mailing list