Security Basics mailing list archives
Re: Multiple login accounts with root privileges
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Mon, 7 Apr 2008 18:09:38 +0200
On 2008-04-07 ganesh mahadevan wrote:
I was testing a thin client box and found that I could log in as Root, Administrator and Admin (all with the same password). whoami indicated 'root' in all three cases. Is this some sort of aliasing going on? I may not be entirely correct on this but shouldn't the number of users with root privileges be restricted?
Advice #1: always post the operating system. Since you mention "root" and "whoami" I'm assuming that you're talking about some Unix flavour. In that case take a look at /etc/passwd and /etc/shadow. You will most likely find that you have multiple accounts with UID 0 and the same password (hash). When you have more than one admin for a Unix or Linux system it's rather common to have multiple accounts with UID 0. In your case, however, it looks rather like you don't have several users, but only several different account names for the same role, which doesn't make much sense IMHO.
What is your advice on this issue?
Find out why the additional root accounts exist, and if there's no reason for them to be there: delete them.
Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches becoming available."
--Jason Coombs on Bugtraq