bobk@fred.UUCP (Bob Kinne) (08/26/89)
What is the purpose of the following /etc/passwd entry? ::0:0::: (null login, password, and shell) Thanks.
bill@twwells.com (T. William Wells) (09/10/89)
In article <3474@altos86.Altos.COM> uunet!ncar.UCAR.EDU!boulder!fred!bobk (Bob Kinne) writes:
: What is the purpose of the following /etc/passwd entry?
:
: ::0:0::: (null login, password, and shell)
There is no purpose to it, unless some hacker put it in to allow
anyone root access.
Generally, it is created by a bug in the software. Here is a way that
is reputed to create such a line: edit the /etc/passwd file and put a
blank line in it. Then run passwd to change a password.
Your milage may vary.
---
Bill { uunet | novavax | ankh | sunvice } !twwells!bill
bill@twwells.com
ron@hardees.rutgers.edu (Ron Natalie) (09/10/89)
You put ::0:0:: lines in your password file so that anyone on the system can do su "" and get a root shell. Some stupid programs that deal with the password file make blank lines into those entries. They should not be there. Note, that there is a difference between that and the similar line with a "+" in it that sun uses for yellow pages hooking. -Ron
arnold@mathcs.emory.edu (Arnold D. Robbins {EUCC}) (09/10/89)
In article <3474@altos86.Altos.COM> uunet!ncar.UCAR.EDU!boulder!fred!bobk (Bob Kinne) writes: >What is the purpose of the following /etc/passwd entry? > >::0:0::: (null login, password, and shell) This is the result of leaving a blank line in /etc/passwd after editing it via the vipw program. It is an incredible security hole and should be deleted ASAP. -- Arnold Robbins -- Emory University Computing Center | Laundry increases DOMAIN: arnold@unix.cc.emory.edu | exponentially in the UUCP: gatech!emoryu1!arnold PHONE: +1 404 727-7636 | number of children. BITNET: arnold@emoryu1 FAX: +1 404 727-2599 | -- Miriam Hartholz
davidsen@crdos1.crd.ge.com (Wm E Davidsen Jr) (10/08/89)
In article <3474@altos86.Altos.COM>, bobk@fred.UUCP (Bob Kinne) writes: | What is the purpose of the following /etc/passwd entry? | | ::0:0::: (null login, password, and shell) This allows anyone to log in as root by giving a blank usename and no password. It's a bug, and you should get rid of it as a security hole. -- bill davidsen (davidsen@crdos1.crd.GE.COM -or- uunet!crdgw1!crdos1!davidsen) "The world is filled with fools. They blindly follow their so-called 'reason' in the face of the church and common sense. Any fool can see that the world is flat!" - anon
heilpern@BRL.MIL (10/08/89)
In article <3474@altos86.Altos.COM> uunet!ncar.UCAR.EDU!boulder!fred!bobk (Bob Kinne) writes: >What is the purpose of the following /etc/passwd entry? > >::0:0::: (null login, password, and shell) There is no good purpose of this line, it is a pretty serious security flaw. It was caused when 1) a blank line existed in the passwd file, and then 2) someone ran the passwd (change passwd) command. Remove this line (or have your adminitrator do it) immediately, and make sure there is never any blank lines in your passwd file again. >Thanks. You're welcome, Mark A. Heilpern --M. heilpern@brl.mil
jkp@cs.HUT.FI (Jyrki Kuoppala) (10/08/89)
>What is the purpose of the following /etc/passwd entry? > >::0:0::: (null login, password, and shell) It's a safeguard against bad memory; it lets you get superuser even if you someday will forget the root password. It's also useful if you go for a vacation and there's somebody else administering the machine; if you use this feature you don't have to tell the root password to that somebody, he won't need it. A variation: +::0:0::: This is not as good, because it works only on some systems and even then it doesn't work if the yellow pages is running. If you want to use this feature and don't want to type all those colons in (you'll easily type a wrong count of them) just say echo '' >> /etc/passwd and change somebody's login password. Enjoy, //Jyrki
gak@gakbox.Corp.Sun.COM (Richard Stueven) (10/08/89)
In article <3456@zorba.Tynan.COM> bill@twwells.com (T. William Wells) writes: >In article <3474@altos86.Altos.COM> uunet!ncar.UCAR.EDU!boulder!fred!bobk (Bob Kinne) writes: >: What is the purpose of the following /etc/passwd entry? >: >: ::0:0::: (null login, password, and shell) > >There is no purpose to it, unless some hacker put it in to allow >anyone root access. > >Generally, it is created by a bug in the software. Unless you're on a Sun, in which case it is a signal to "include the Yellow Pages password file here". have fun gak Richard Stueven gak@sun.com ...!attmail!rstueven ***These opinions belong to Ernie and his little pal Gus.*** ***He's mad! Mad, I tell you!***