LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-01-2007, 03:39 PM   #1
bhert
Member
 
Registered: May 2006
Distribution: OpenSUSE 10.3 Kubuntu Hardy Heron
Posts: 268

Rep: Reputation: 30
yast allowing any password


Yesterday, I started yast from the start menu and I entered my root password by mistake and found out that it let me in anyway. I restarted yast and just hit a bunch of keys and it let me in again. It's like yast has no password at all.

I then tested starting yast from the command line and hit a bunch of keys and the authentication failed and then entered my real password and it accepted.

Today, I started yast from start menu again, and the password authentication is back to normal. It seems to work fine again.

I used rkhunter but it found nothing.

I am concerned about this cause someone could have turned my firewall off and did other things that I won't notice.

What does all this mean? Did something happen to yast that I should be concerned about? I hope no one got in and took off the password for a while and put it back in. Thanks

-bhert

Last edited by bhert; 09-01-2007 at 03:42 PM.
 
Old 09-01-2007, 05:11 PM   #2
Larry Webb
LQ Veteran
 
Registered: Jul 2006
Location: Crystal Beach, Texas
Distribution: Suse for mail +
Posts: 5,100
Blog Entries: 7

Rep: Reputation: 229Reputation: 229Reputation: 229
I don't understand, isn't the root password supposed to allow YaST to open?

Last edited by Larry Webb; 09-01-2007 at 05:13 PM.
 
Old 09-02-2007, 04:15 PM   #3
bhert
Member
 
Registered: May 2006
Distribution: OpenSUSE 10.3 Kubuntu Hardy Heron
Posts: 268

Original Poster
Rep: Reputation: 30
yes, the root password allowed me to open yast as well as any password.
That was what I was concerned about.

I was saying about yast accepting any password a couple of days ago. Now it seemed fine. Now it allows only root password.

What I was concerned is that yast changed the password rules for a while.

-bhert
 
Old 09-02-2007, 04:54 PM   #4
Larry Webb
LQ Veteran
 
Registered: Jul 2006
Location: Crystal Beach, Texas
Distribution: Suse for mail +
Posts: 5,100
Blog Entries: 7

Rep: Reputation: 229Reputation: 229Reputation: 229
I don't doubt you, its something I haven't heard of, I would think everything is probably fine or you would have problems by now. If I were you I think I would check it everyday or two for a while to make sure the same situation doesn't occur again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Allowing user to change the password santhosh23 Linux - General 11 05-02-2007 01:36 AM
Allowing certain IPs to login SAMBA without password Panagiotis_IOA Linux - Networking 0 06-07-2006 07:40 PM
Allowing SSH to accepts ANY Password mperkel Linux - Security 14 11-01-2005 12:42 PM
Newbie probs upgrading to 9.2, Yast not allowing disk partition or DVD boot!! Laura Q SUSE / openSUSE 1 04-21-2005 12:46 PM
Suse 9.0 SANE not allowing YAST to recognize printer? gSalsero Linux - Distributions 0 04-16-2004 06:52 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration