Bugtraq mailing list archives
Re: vlock vulnerability in RedHat 7.0
From: Jon Lewis <jlewis () LEWIS ORG>
Date: Wed, 8 Nov 2000 09:53:24 -0500
On Tue, 7 Nov 2000, Bartlomiej Grzybicki wrote:
> I've tried to lock all virtual consoles in RedHat 7.0 using vlock, which is delivered with this release of RedHat. If user root locks all consoles - it's no problem, but if normal user locks consoles then anybody can unlock without typing a password.

As long as someone is looking at the code for vlock, here's another bug. When you use vlock to lock a VC, it prompts you for your password to unlock. i.e.

    This TTY is now locked.
    Please enter the password to unlock.
    jlewis's Password:

If you hit enter, it prompts you for the root password to unlock.

    This TTY is now locked.
    Please enter the password to unlock.
    jlewis's Password: [pressed enter]
    root's Password:

Contrary to the prompt and the man page, the root password will not unlock this VC. The user's password, entered at either of the (jlewis|root)'s Password: prompts will unlock the VC. I've tested this on Red Hat 6.2 and 7.0.

----------------------------------------------------------------------
 Jon Lewis *jlewis () lewis org*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________