LinuxQuestions.org


sivagopiraju 08-19-2016 04:16 AM

ls /etc | sh making root passwd empty in my linux box.
 
1> When I ran the command "ls /etc | sh", the root password became empty. I am using busybox-1.18.5. As far as I know, this passwd command is changing the busybox password.
2> So, my point here is to solve this: "ls /etc | sh" should not make the root password empty.

Output:
~ # ls /etc | sh
Changing password for root
New password:
Bad password: too short
Retype password:
Password for root changed by root

Here root password is empty now.

pan64 08-19-2016 04:22 AM

Quote:

As far as I know, this passwd command is changing the busybox password

Where is this information coming from?

sivagopiraju 08-19-2016 04:25 AM

When I enter the command passwd --help.
~ # passwd --help
BusyBox v1.18.5 (2016-08-18 19:07:10 IST) multi-call binary.

pan64 08-19-2016 04:27 AM

Code:

% busybox passwd --help
BusyBox v1.21.1 (Ubuntu 1:1.21.0-1ubuntu1) multi-call binary.

Usage: passwd [OPTIONS] [USER]

Change USER's password (default: current user)

        -a ALG        Encryption method
        -d        Set password to ''
        -l        Lock (disable) account
        -u        Unlock (enable) account

the method you mentioned is not printed here.

sivagopiraju 08-19-2016 04:37 AM

~ # ls /etc | sh
This command makes the root password empty.

~ # passwd --hlep
passwd: unrecognized option `--hlep'
BusyBox v1.18.5 (2016-08-18 19:07:10 IST) multi-call binary.

Usage: passwd [OPTIONS] [USER]

Change USER's password. If no USER is specified,
changes the password for the current user.

Options:
-a ALG Algorithm to use for password (des, md5)
-d Delete password for the account
-l Lock (disable) account
-u Unlock (re-enable) account


My intention is to say that this passwd command is the busybox command.
But the main issue is with the "ls /etc | sh" command.

pan64 08-19-2016 04:53 AM

Quote:

~ # ls /etc | sh
This command makes the root password empty.

Where is this information coming from?

sivagopiraju 08-19-2016 05:01 AM

Quote:

Where is this information coming from?

I executed this command in the shell of my Linux box.

pan64 08-19-2016 05:11 AM

Accidentally/occasionally it may work, but I think it is not recommended at all.

Quote:

But the main issue is with the "ls /etc | sh" command.

What is the issue you want to discuss?

sivagopiraju 08-19-2016 05:23 AM

"ls /etc | sh" executed in shell.

The files under the /etc directory are piped to sh. The passwd file is also present under the /etc directory.

Whenever the passwd file is piped to sh, sh treats it as a command, only when we have the passwd command under /usr/bin.

So, the shell executes that command and provides some input to the passwd command, then makes the password empty.

I don't want the shell to make the password empty.

pan64 08-19-2016 05:25 AM

So do not execute that command.

sivagopiraju 08-19-2016 05:33 AM

Thanks,

We are using the CLI in my product to execute the commands.

We have an option to execute shell commands from the CLI, so if anybody uses this command from the CLI, my root password will become empty.

Then my box is open to that guy.

So, it requires a fix.

And one more thing: when the same command is executed on the Ubuntu system, it does not allow the shell to change the password.

Output on ubuntu:
# ls /etc | sh
Enter new UNIX password: Retype new UNIX password: passwd: Authentication token manipulation error
passwd: password unchanged

pan64 08-19-2016 06:31 AM

Only root is allowed to change the root password, and you cannot restrict root anyway. So he/she will be able to execute passwd -d and therefore will be able to set passwd to ''.
The result of ls /etc depends on the host itself (content of /etc), therefore ls /etc | sh may or may not change password (see post #8).

sivagopiraju 08-19-2016 07:21 AM

It is always changing the root password; I need to solve this bug.
Thanks for your discussion.

pan64 08-19-2016 07:23 AM

This is not a bug; you cannot solve it.

sivagopiraju 08-19-2016 07:28 AM

But this is a vulnerability in the product. So, it should have some fix.

Is there any possibility to make the filesystem read-only when we are executing this command?

And is there any possibility to catch shell inputs from the code point of view?
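
Added example, not part of the original thread and not code from BusyBox or the poster's product: a sandboxed reproduction of why a name in a listing piped to sh runs as a command with the pipe, not a terminal, as its standard input, together with a wrapper that refuses to proceed in that case. The throwaway directory, the stub named passwd and the log file are constructed for illustration; the wrapper only stops unintended invocations and does not restrict root, as the replies above point out.

```shell
#!/bin/sh
# Constructed sandbox: a throwaway directory stands in for /etc and a stub
# stands in for passwd, so the real /etc and the real passwd are never touched.

run_demo() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/etc" "$sandbox/bin"

    # Constructed listing: ls prints these names one per line, sorted.
    touch "$sandbox/etc/fstab" "$sandbox/etc/hosts" \
          "$sandbox/etc/passwd" "$sandbox/etc/shadow"

    # Hypothetical guard wrapper named passwd (shell builtins only). It logs
    # how it was started and refuses unless stdin is a terminal.
    cat > "$sandbox/bin/passwd" <<EOF
#!/bin/sh
if [ -t 0 ]; then
    echo "stdin=tty: would hand over to the real passwd" >> "$sandbox/log"
else
    echo "stdin=not-a-tty: refused" >> "$sandbox/log"
    exit 1
fi
EOF
    chmod +x "$sandbox/bin/passwd"

    # Same shape as the command in the thread, confined to the sandbox:
    # PATH holds only the stub, so no other name in the listing can run.
    # sh reads each file name as a command line; "passwd" resolves to the stub,
    # which inherits the pipe as its stdin.
    ls "$sandbox/etc" | PATH="$sandbox/bin" /bin/sh 2>/dev/null || true

    cat "$sandbox/log"
    rm -rf "$sandbox"
}

run_demo
```

How much of the remaining listing the invoked command can read from the pipe depends on how the shell buffers its input, so the wrapper checks only whether stdin is a terminal and never relies on what arrives on it.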


All times are GMT -5.