From nobody@FreeBSD.org  Thu Mar 11 23:05:28 2004
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2EC4116A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 11 Mar 2004 23:05:28 -0800 (PST)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 24A3643D45
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 11 Mar 2004 23:05:28 -0800 (PST)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.10/8.12.10) with ESMTP id i2C75R72082164
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 11 Mar 2004 23:05:27 -0800 (PST)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.10/8.12.10/Submit) id i2C75RpN082163;
	Thu, 11 Mar 2004 23:05:27 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200403120705.i2C75RpN082163@www.freebsd.org>
Date: Thu, 11 Mar 2004 23:05:27 -0800 (PST)
From: Gerd Wachs <gerd.wachs@telia.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Security issue : fstab item missing causes automatic login as root without password when machine restarted.
X-Send-Pr-Version: www-2.3

>Number:         64143
>Category:       misc
>Synopsis:       Security issue : fstab item missing causes automatic login as root without password when machine restarted.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 11 23:10:01 PST 2004
>Closed-Date:    Fri Mar 12 01:14:44 PST 2004
>Last-Modified:  Fri Mar 12 01:14:44 PST 2004
>Originator:     Gerd Wachs
>Release:        4.9 Release
>Organization:
>Environment:
>Description:
This is a security issue.
When an item in fstab no longer exists, and the machine is
restarted, FreeBSD logs you on as root without asking for a
password. You have full privileges without having to select
a user or password.

>How-To-Repeat:
Clean installation.
Add a USB (Maxtor One Touch 120GB) to the machine.
Add a reference in the fstab so that it can be mounted.
Note that the reference has not been setup as automount.
Ensure that you can mount the device as normal.
Restart the machine with the device attached to confirm
normal request for user password occurs.
Shutdown the machine.
Remove the USB hard disk.
Restart the machine.
An error is shown stating that a device in the fstab is invalid.
You are asked for your shell with a default [bash\sh] for the root user.
You press enter, and you are into the system with root privileges
without having typed a password.
>Fix:
      
>Release-Note:
>Audit-Trail:

From: Sergey Akifyev <asa@gascom.ru>
To: Gerd Wachs <gerd.wachs@telia.com>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/64143: Security issue : fstab item missing causes
	automatic login as root without password when machine restarted.
Date: Fri, 12 Mar 2004 10:30:38 +0300

 On Fri, 2004-03-12 at 10:05, Gerd Wachs wrote:
 [...ripped by viruses...]
 > An error stating invalid device in the fstab.
 > You are asked for your shell with a default [bash\sh] for the root user.
 > You press enter, and you are into the system with root privileges
 > without having typed a password.
 
 This is not a security issue. This is what your system is configured to
 do. If you type:
 	# cat /etc/ttys |grep ^console
 it should say:
 	console none                            unknown off secure
 
 The 'secure' keyword here means that single user mode can be entered
 without a password. If you change this to 'insecure', FreeBSD will ask you
 for the root password before logging you into single user mode.
 
 This is documented in default /etc/ttys.
 IMHO, this PR can be closed.
 -- 
 regards,
 Sergey Akifyev <asa@gascom.ru>
 JSC Gascom <http://www.gascom.ru>
 PGP key available from:
 ftp://ftp.gascom.ru/pub/PGP-keys/asa.txt
 
 
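The reply above explains the console entry in /etc/ttys, where the trailing 'secure' keyword (ttys(5)) lets init drop to a single-user root shell without a password, and 'insecure' makes init prompt for the root password first. The following POSIX sh script is an added example and is not part of the PR or of FreeBSD; it audits a ttys-style file for that keyword and produces the hardened line. The sample file contents are constructed to resemble the default 4.x console line quoted in the reply, and the function names are the example's own.

```shell
#!/bin/sh
# Added example (not from the PR): audit the console entry of an
# /etc/ttys-style file and emit the hardened form.
# ttys(5) line layout: name getty type status [secure] [window=...]

# Constructed sample resembling the FreeBSD 4.x default quoted in the PR.
SAMPLE_TTYS='# name   getty                          type    status  comments
console none                            unknown off secure
ttyv0   "/usr/libexec/getty Pc"         cons25  on  secure'

# console_status FILE
# Prints "secure" if the console line carries the secure keyword
# (single-user mode needs no password), "insecure" if it does not,
# and "missing" if there is no console entry at all.
console_status() {
    awk '
        $1 == "console" {
            found = 1
            for (i = 4; i <= NF; i++)
                if ($i == "secure") { print "secure"; exit }
            print "insecure"; exit
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# harden_console FILE
# Prints the file with the console entry changed from secure to insecure,
# so init asks for the root password before entering single-user mode.
# Only the console line is touched; other terminals keep their settings.
harden_console() {
    sed -E '/^console[[:space:]]/ s/([[:space:]])secure([[:space:]]|$)/\1insecure\2/' "$1"
}

# Stand-alone demonstration on the constructed sample.
demo_ttys=$(mktemp)
printf '%s\n' "$SAMPLE_TTYS" > "$demo_ttys"
echo "before: console is $(console_status "$demo_ttys")"
harden_console "$demo_ttys" > "$demo_ttys.hardened"
echo "after:  console is $(console_status "$demo_ttys.hardened")"
grep '^console' "$demo_ttys.hardened"
rm -f "$demo_ttys" "$demo_ttys.hardened"
```

On a real system the change is only picked up by init after `kill -HUP 1` or a reboot, and it protects the single-user path only; anyone with physical access can still boot other media, so it complements rather than replaces a BIOS or boot-loader password.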
State-Changed-From-To: open->closed 
State-Changed-By: ceri 
State-Changed-When: Fri Mar 12 01:14:04 PST 2004 
State-Changed-Why:  
If your console is insecure then you should mark it as such in 
/etc/ttys. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=64143 
>Unformatted:
