https://bugzilla.novell.com/show_bug.cgi?id=686482 https://bugzilla.novell.com/show_bug.cgi?id=686482#c0 Summary: By using gnome-keyring in the PAM configuration, the su command in KDE grants root access without requiring a password Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: x86-64 OS/Version: openSUSE 11.4 Status: NEW Severity: Critical Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: DominicKramer@gmail.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16 I noticed while in KDE I could issue "sudo -s" in Konsole and enter a root shell without supplying a password. I thought this was a sudo configuration error, but my configuration seemed correct. I tested further and found if I ran "su" from Konsole and simply pressed enter I could open a root shell without supplying a password. In fact, if I entered any text as the password I would successfully enter a root shell. Running "whoami" verified that I was indeed the root user. Furthermore, in the GNOME desktop, running "su" from gnome-terminal would not allow me to enter the root shell even if I actually did supply the correct password. Every attempt to enter a root shell would report that my password was incorrect. When I installed OpenSUSE 11.4 I installed KDE desktop since its my desktop of choice. Later though, I installed GNOME and during the installation installed the package "gnome-keyring-pam". I do not know if it was automatically installed or if I selected to install it manually. Regardless, it appears that the package "gnome-keyring-pam" may be the cause of the problems described above. Specifically, I noticed that PAM was set to use gnome-keyring in /etc/pam.d/common-auth. However, I did not want PAM to use gnome-keyring. This I uninstalled the gnome-keyring-pam package since YAST reported no conflicts or problems would occur from deleting this package. Further, I assumed the uninstall scripts would update the PAM configuration files to reflect the change. However, after uinstalling gnome-keyring-pam, issuing "su" would not ask for the root password but would immediately fail, saying the password was incorrect. Similarly, "sudo -s" would not ask for a password but would return three lines stating that the password was incorrect and then would quit stating that there were three unsuccessful login attempts. This new problem seems related to the overarching problem in that the PAM configuration files in /etc/pam.d were not correctly written. When gnome-keyring was installed, the PAM configuration file (specifically /etc/pam.d/common-auth) was set to use gnome-keyring. After uninstalling gnome-keyring, was blank (except for comments). I think this is why, su essentially stopped working. However, in this state, I could still log into the system as the root user on TTY1 (accessed with ALT-CTRL-F1), by entering the username "root" and pressing enter (i.e. not entering a password). This is not surprising since the PAM configuration was essentially broken. Then by running "pam-config --create" as the root user, I created a default UNIX style PAM configuration after which su and sudo work as expected. That is, they ask for a password and do not continue until the correct password is entered. In summary it appears that after installing gome-keyring, the PAM configuration opens a HUGE security exploit as local users can gain root access without supplying a password. Furthermore, uninstalling gnome-keyring via Yast2 doesn't appear to automatically fix the PAM configuration files. Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.