Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 1482 - possible security issue (hard to trigger)
Summary: possible security issue (hard to trigger)
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Daniel Robbins (RETIRED)
Depends on:
Reported: 2002-04-02 16:02 UTC by Brandon Low (RETIRED)
Modified: 2003-02-04 19:42 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Brandon Low (RETIRED) gentoo-dev 2002-04-02 16:02:08 UTC
This appears to be an issue that arises when /etc/passwd and /etc/group aren't
correctly synched with their shadow counterparts.

To trigger the bug on a broken system, try to login as a user with an valid
username but invalid password, then try to login as that user with root's
password, and then login as that user correctly, if the system is affected, you
fill find that you are root with a broken home directory.  

The immediate fix for an effected system is to resync the passwd and shadow
files by doing the following:

-==-cut here-==-
-==-cut here-==-

at least that is what worked for me.
Comment 1 Avi Schwartz 2002-04-03 15:01:48 UTC
This is a realy BIG problem.  It is much easier to replicate then desribed.  Try
to login from a virtual terminal 3 times in a row as a regular user with the
wrong password (any password) and finaly enter the correct password.  You are
now logged in as root.

Someone just posted that it can be remotely eploitable if you run a telnet
server.  This is so big, that until it is fixed, you should recommend
disconnecting Gentoo boxes from the Internet.

The big priority and severity should be upped to the maximum.
Comment 2 Daniel Robbins (RETIRED) gentoo-dev 2002-04-03 15:39:27 UTC
the problem is with flaking out if there are minor issues with the
passwd database.  It's still a problem -- fix in progress... stay
tuned... (replace all occurrences of with in your
/etc/pam.d files, particularly system-auth for a quick fix..)
Comment 3 Daniel Robbins (RETIRED) gentoo-dev 2002-04-03 23:43:58 UTC
The 4.0.2-r2 shadow package fixes this big bad Gentoo 1.0 bug.