Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 08-20-2005, 07:31 PM   #1
Registered: Mar 2004
Distribution: Slackware 10.2
Posts: 213

Rep: Reputation: 30
users can access root withouh being asked for a password

after solving a little problem that i had before it seems that users can run "su" without bing asked for a password.

well this what I have done before
chown user /etc/shadow /etc/passwd
chmod 740 /etc/shadow /etc/passwd

what i did up to now is this:

root@Admin:/home/moderator# chmod 740 /etc/passwd /etc/shadow
root@Admin:/dev# ls -l /etc/passwd /etc/shadow
-rwxr----- 1 root root 765 2005-08-20 11:31 /etc/passwd
-rwxr----- 1 root shadow 567 2005-08-20 11:41 /etc/shadow

but still users can access root without being asked for the root password, anyhelp?
Old 08-20-2005, 07:53 PM   #2
Registered: Dec 2003
Location: ~root
Distribution: Debian
Posts: 363

Rep: Reputation: 33
using su does not have ANY relation whatsoever to the /etc/passwd file. Users can become root because there is no root passwod set - set one. If you don't want a root password (which is discouraged), disable the SUID bit on it using the following command (this means that nobody can use su successfully, even if they know the password:

chmod u-s /bin/su
Old 08-20-2005, 08:05 PM   #3
Registered: Mar 2004
Distribution: Slackware 10.2
Posts: 213

Original Poster
Rep: Reputation: 30
I did change the password but still can access:

root@Admin:~# passwd
Changing password for root
Enter the new password (minimum of 5, maximum of 127 characters)
Please use a combination of upper and lower case letters and numbers.
New password:
Re-enter new password:
Password changed.
root@Admin:~# exit
moderator@Admin:~$ su
Old 08-20-2005, 08:15 PM   #4
Registered: Dec 2003
Location: ~root
Distribution: Debian
Posts: 363

Rep: Reputation: 33
Make sure the password is non-blank. If it oesn't work, remove teh SUID bit.

Or, even remove the package that provides it or delete the binary.
Old 08-21-2005, 12:56 AM   #5
Senior Member
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,284

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Also, check /etc/pam.d/ (which controls authentication for su assuming you are using pluggable authentication modules, which you should be if you're using Debian or Ubuntu) and make sure that you don't have something dset that just allows all access (post contents of the file if you can't decipher it, since it can be a bit tricky).


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
users other than root can not access internet ? summerfish Linux - Networking 4 07-17-2004 09:03 PM
requiring root password for app access? mysticpain Linux - Software 3 06-08-2004 09:19 PM
Root password for internet access jsin Red Hat 2 01-02-2004 04:29 AM
Allright, changed root password and questions about adding users RIOMX Linux - Newbie 2 10-30-2003 04:28 PM
non-root users inet access Duckus Linux - Newbie 4 06-05-2003 11:40 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:28 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration