FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 08-18-2012, 05:18 PM
Bill Stanley
 
Default Sudo and USB flash drives

Hi,

When I was repartitioning my HD and booting a USB flash drive, I found
what may be a security flaw with sudo. This problem might not affect
computers with Linux installed so this might not be a problem. It goes
as follows...


I booted off the USB flash drive and opened a terminal window. Once I
got a command line I entered "sudo gparted". Next sudo asked for a
password. Since I didn't use any password when making the bootable
Linux flash drive, I pressed <ENTER> without typing anything in. Sudo
accepted it and gparted started.


Do we really want to allow root access when booting to a flash drive?
Maybe when booting from a USB drive or a CD-ROM, sudo should match the
root (sudo) password that is on the Hard drive. Of course, since I did
not have Linux installed yet, in this case sudo acted appropriately.


Bill Stanley

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 08-18-2012, 06:37 PM
Nils Kassube
 
Default Sudo and USB flash drives

Bill Stanley wrote:
> When I was repartitioning my HD and booting a USB flash drive, I
> found what may be a security flaw with sudo. This problem might not
> affect computers with Linux installed so this might not be a
> problem. It goes as follows...

[...]

> Do we really want to allow root access when booting to a flash drive?
> Maybe when booting from a USB drive or a CD-ROM, sudo should match
> the root (sudo) password that is on the Hard drive. Of course,
> since I did not have Linux installed yet, in this case sudo acted
> appropriately.

IMHO, there is no advantage if you check for an installed Linux and use
the root password from that partition. You pointed out the next
necessary check, i.e. find out the Windows admin password and use that
one, if there is only Windows on the machine. But what would you suggest
to do if there are Windows and Linux installed? What if the disk is
bought secondhand and you don't even know the password of the still
existing OS on that disk?

If the system isn't locked down and anyone can boot from external media,
it isn't safe anyway. Then why should an installation medium check for
existing passwords? IMHO that doesn't make much sense.


Nils

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 08-18-2012, 08:02 PM
Bill Stanley
 
Default Sudo and USB flash drives

On 08/18/2012 02:37 PM, Nils Kassube wrote:

Bill Stanley wrote:

When I was repartitioning my HD and booting a USB flash drive, I
found what may be a security flaw with sudo. This problem might not
affect computers with Linux installed so this might not be a
problem. It goes as follows...


[...]


Do we really want to allow root access when booting to a flash drive?
Maybe when booting from a USB drive or a CD-ROM, sudo should match
the root (sudo) password that is on the Hard drive. Of course,
since I did not have Linux installed yet, in this case sudo acted
appropriately.


IMHO, there is no advantage if you check for an installed Linux and use
the root password from that partition. You pointed out the next
necessary check, i.e. find out the Windows admin password and use that
one, if there is only Windows on the machine. But what would you suggest
to do if there are Windows and Linux installed? What if the disk is
bought secondhand and you don't even know the password of the still
existing OS on that disk?

If the system isn't locked down and anyone can boot from external media,
it isn't safe anyway. Then why should an installation medium check for
existing passwords? IMHO that doesn't make much sense.


The issue of multiple OS's which are multi-booted is another thing that
occurred to me. Which OS root (or admin) password do you choose? It is
a bit of a corundum. Still, sudo should keep people without sudo access
from executing sudo privilege programs. If someone can easily get
around sudo by booting off a flash drive what security is in that? I
think that the sudo people should think about that!


Bill Stanley

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 08-18-2012, 08:39 PM
Nils Kassube
 
Default Sudo and USB flash drives

Bill Stanley wrote:
> On 08/18/2012 02:37 PM, Nils Kassube wrote:
> > Bill Stanley wrote:
> >> When I was repartitioning my HD and booting a USB flash drive, I
> >> found what may be a security flaw with sudo. This problem might
> >> not affect computers with Linux installed so this might not be a
> >> problem. It goes as follows...
> >
> > [...]
> >
> >> Do we really want to allow root access when booting to a flash
> >> drive? Maybe when booting from a USB drive or a CD-ROM, sudo
> >> should match the root (sudo) password that is on the Hard drive.
> >> Of course, since I did not have Linux installed yet, in this case
> >> sudo acted appropriately.
> >
> > IMHO, there is no advantage if you check for an installed Linux and
> > use the root password from that partition. You pointed out the
> > next necessary check, i.e. find out the Windows admin password and
> > use that one, if there is only Windows on the machine. But what
> > would you suggest to do if there are Windows and Linux installed?
> > What if the disk is bought secondhand and you don't even know the
> > password of the still existing OS on that disk?
> >
> > If the system isn't locked down and anyone can boot from external
> > media, it isn't safe anyway. Then why should an installation
> > medium check for existing passwords? IMHO that doesn't make much
> > sense.
>
> The issue of multiple OS's which are multi-booted is another thing
> that occurred to me. Which OS root (or admin) password do you
> choose? It is a bit of a corundum. Still, sudo should keep people
> without sudo access from executing sudo privilege programs. If
> someone can easily get around sudo by booting off a flash drive what
> security is in that? I think that the sudo people should think
> about that!

If the owner of the machine allows that anybody can boot from external
media, there is NO security. Then it doesn't matter if you need sudo
from the external medium because that external medium isn't necessarily
Linux. Why should a Linux install disk have lower access privilege than
e.g. a Windows install disk?


Nils

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 08-18-2012, 08:41 PM
Colin Law
 
Default Sudo and USB flash drives

On 18 August 2012 21:02, Bill Stanley <bstanle@wowway.com> wrote:
> On 08/18/2012 02:37 PM, Nils Kassube wrote:
>>
>> Bill Stanley wrote:
>>>
>>> When I was repartitioning my HD and booting a USB flash drive, I
>>> found what may be a security flaw with sudo. This problem might not
>>> affect computers with Linux installed so this might not be a
>>> problem. It goes as follows...
>>
>>
>> [...]
>>
>>> Do we really want to allow root access when booting to a flash drive?
>>> Maybe when booting from a USB drive or a CD-ROM, sudo should match
>>> the root (sudo) password that is on the Hard drive. Of course,
>>> since I did not have Linux installed yet, in this case sudo acted
>>> appropriately.
>>
>>
>> IMHO, there is no advantage if you check for an installed Linux and use
>> the root password from that partition. You pointed out the next
>> necessary check, i.e. find out the Windows admin password and use that
>> one, if there is only Windows on the machine. But what would you suggest
>> to do if there are Windows and Linux installed? What if the disk is
>> bought secondhand and you don't even know the password of the still
>> existing OS on that disk?
>>
>> If the system isn't locked down and anyone can boot from external media,
>> it isn't safe anyway. Then why should an installation medium check for
>> existing passwords? IMHO that doesn't make much sense.
>
>
> The issue of multiple OS's which are multi-booted is another thing that
> occurred to me. Which OS root (or admin) password do you choose? It is a
> bit of a corundum. Still, sudo should keep people without sudo access from
> executing sudo privilege programs. If someone can easily get around sudo by
> booting off a flash drive what security is in that? I think that the sudo
> people should think about that!

Even if the Ubuntu USB stick was modified in the way you suggest,
anyone could boot from the USB stick burned with another operating
system, or the gparted live cd or anything else that takes their fancy
and do anything they like to the system. Once someone with malice in
their mind has access to the machine there is nothing that can be done
to stop them doing anything they like if they are clever enough. Data
can be protected so that it cannot be read, by encrypting the disc,
but that is all.

Colin


>
> Bill Stanley
>
>
> --
> ubuntu-users mailing list
> ubuntu-users@lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 08-23-2012, 09:23 AM
Patrick Asselman
 
Default Sudo and USB flash drives

On 2012-08-18 22:41, Colin Law wrote:

On 18 August 2012 21:02, Bill Stanley <bstanle@wowway.com> wrote:

On 08/18/2012 02:37 PM, Nils Kassube wrote:


Bill Stanley wrote:


When I was repartitioning my HD and booting a USB flash drive, I
found what may be a security flaw with sudo. This problem might
not

affect computers with Linux installed so this might not be a
problem. It goes as follows...



[...]

Do we really want to allow root access when booting to a flash
drive?

Maybe when booting from a USB drive or a CD-ROM, sudo should match
the root (sudo) password that is on the Hard drive. Of course,
since I did not have Linux installed yet, in this case sudo acted
appropriately.



IMHO, there is no advantage if you check for an installed Linux and
use

the root password from that partition. You pointed out the next
necessary check, i.e. find out the Windows admin password and use
that
one, if there is only Windows on the machine. But what would you
suggest

to do if there are Windows and Linux installed? What if the disk is
bought secondhand and you don't even know the password of the still
existing OS on that disk?

If the system isn't locked down and anyone can boot from external
media,
it isn't safe anyway. Then why should an installation medium check
for

existing passwords? IMHO that doesn't make much sense.



The issue of multiple OS's which are multi-booted is another thing
that
occurred to me. Which OS root (or admin) password do you choose?
It is a
bit of a corundum. Still, sudo should keep people without sudo
access from
executing sudo privilege programs. If someone can easily get around
sudo by
booting off a flash drive what security is in that? I think that
the sudo

people should think about that!


Even if the Ubuntu USB stick was modified in the way you suggest,
anyone could boot from the USB stick burned with another operating
system, or the gparted live cd or anything else that takes their
fancy

and do anything they like to the system. Once someone with malice in
their mind has access to the machine there is nothing that can be
done
to stop them doing anything they like if they are clever enough.
Data

can be protected so that it cannot be read, by encrypting the disc,
but that is all.

Colin



Well, not all....

One can also disble booting from USB (and other media) in the BIOS, and
password protect the BIOS.


But I agree, if someone has physical access to a PC, there are a lot of
possibilities to do malice. Getting root access from a booted USB stick
is only one of them. Booting into single user mode so you have root
access is another one. Screwing open the case and stealing the hard
drive is also a possibility. How you need to protect against these
depends on the setting.


Best regards,
Patrick Asselman


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 10:40 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org