Digital UNIX, C2 -> change root password as non-root

Digital UNIX, C2 -> change root password as non-root

Post by M.Saute » Fri, 02 May 1997 04:00:00



We have Digital UNIX 4.0 with Enhanced Security.
- Is there a way to set root privileges on special non-root accounts ?
- Is there a way to change root's password as non-root user ?

Thanks

Marc


 
 
 

Digital UNIX, C2 -> change root password as non-root

Post by Justin M. Strein » Sat, 03 May 1997 04:00:00



>We have Digital UNIX 4.0 with Enhanced Security.
>- Is there a way to set root privileges on special non-root accounts ?

You can add the user to the necessary groups (wheel, admin, authread,
whatever) and make necessary files group-writable, which will give you
pseudo-root access, but not total root access.  Stuff like this needs to
be done with extreme caution.

Quote:>- Is there a way to change root's password as non-root user ?

Why would you want to?  That opens up tons of potential security holes.
Break into one of the special accounts, reset root's password.  Bang -
you're In Like Flint.

--
-- justin m streiner --------------------------------------------------------
Systems Administrator                      WINDOWS '95 BUG REPORT FORM
IUP Math / Computer Science            Please describe the bug in detail in

web: http://www.co.iup.edu/~streiner                   ____
                                                      [____]
"...for when your packets absolutely, positively have to NOT get there on
time..."  -- JMS commenting on net traffic thru BA's Pittsburgh SMDS cloud

 
 
 

Digital UNIX, C2 -> change root password as non-root

Post by Don Nicho » Tue, 06 May 1997 04:00:00






        [ ... ]

Quote:>>- Is there a way to change root's password as non-root user ?

>Why would you want to?  That opens up tons of potential security holes.
>Break into one of the special accounts, reset root's password.  Bang -
>you're In Like Flint.

        Of course, *some* systems came with just such security holes.  In
the AT&T Unix-PC (a 68010-based desktop machine with rather nice visual
styling), there was an administrative account called "install", which did
have, from the windowing front end called "ua" (User Agent), the ability to
reset root's password.

        To add to the fun, the OS installation scripts made sure that you
set a password for root, but didn't bother guiding you past the concept of
setting a password for install.  (There were enough other holes in that
system so this was not the worst.  How about "/" and "/etc" having user write
permissions? :-) (This was in SysVr2 version 3.51, the last to escape before
the system was discontinued, though I doubt that the earlier were any more
secure.)

        Granted, the target audience for this system was *managers*, though
once they were discontinued, the nice low price made them good hacker (in
the good sense) machines.  They would have been better for that if the C
compiler were bundled into the system, but the assumption was that managers
wouldn't have any use for it, and developers would willingly pay extra. :-(

--

Disclaimer: No statements herein are to be considered as necessarily
representing the opinions of the Department of the Army or Night Vision Labs.
    Black holes are where GOD is dividing by zero -- (author unknown)

 
 
 

1. run a non-root user's program from a non-root user

Hi Folks,

Here is the problem.

I have user A and user B (non-root users)

I need for user A to initiate a job as user B. How can this be done?

As you know, I can do this as root. I can start a process from root as
another user in the system (cron jobs come to my mind!) Is there a way
to do this for non-root users? I believe I need to be able to do
something like  as user A
"su - B" without being prompted for password.

Appreciate suggestions in advance.

Pasha

BTW: I am using AIX 4.3.10

2. Suse 6.4: add_timer linking problem

3. From Root to non-Root on the fly => HOW?

4. How to setup disk quota for users?

5. Changing others passwords, as non-root user

6. Apache server docs in downloadable form

7. sar <interval> <number> doesn't work for non-root user

8. Archie & Gopher (binaries) for Linux ? Where?

9. changing NIS+ root master root password

10. wierd problem with non-root BASH (0.96 root and boot)

11. root privileges through non-root process?

12. KDE start times different for root and non-root.

13. RH8 - Problem w/non-root users starting root programs