
Password modification issue

 
Tamer Shaalan
Regular Advisor

Password modification issue

I have a trusted HP-UX 10.20 system, and I discovered a very serious issue:
any user CAN CHANGE the password for any other user (except for root) with the command:
$ passwd userid
and it is successful !!!????

N.B.: (This server exists in a LAN with NIS service, but this problem doesn't occur on the NIS master server or any other NIS client machine.)

Any Solutions from PROFESSIONALS.

Tamer.
Success is a journey, not a destination
16 REPLIES
Victor Fridyev
Honored Contributor

Re: Password modification issue

Please check modes of password related files. They must be like this:
hobbit:/# ll `whence passwd`
-r-sr-xr-x 5 root bin 49152 May 23 2001 /usr/bin/passwd*
hobbit:/# ll /etc/passwd
-r--r--r-- 1 root other 768 Mar 14 17:32 /etc/passwd
Entities are not to be multiplied beyond necessity - RTFM
Tamer Shaalan
Regular Advisor

Re: Password modification issue

Hi Victor,
this is the output :
# ll `whence passwd`
-r-sr-xr-x 1 root bin 86016 Mar 3 1997 /usr/bin/passwd
# ll /etc/passwd
-r--r--r-- 1 root tnm 4211 Mar 17 12:56 /etc/passwd
Success is a journey, not a destination
Wouter Jagers
Honored Contributor

Re: Password modification issue

I can't really check right now, but it rings a bell..

Did you issue the above as a user or as root ? At one time I've found several passwd binaries on (I think) a similar box, which wasn't good.

Also, are you sure that -any user- can do this ? You're not su'ing from root or something ?

Could you try, as root:
# useradd test1
# passwd test1
# useradd test2
# passwd test2

Then log off -completely-, logon as test1 straight away, and try to set test2's password.

If that works, I'm booting up a 10.20 again still this week !

Greets
Wout
an engineer's aim in a discussion is not to persuade, but to clarify.
Steven E. Protter
Exalted Contributor

Re: Password modification issue

The only time I've heard of this happening is when permissions on /etc/passwd or the passwd command file are wrong. The prior posts should be a good guide to verifying and correcting this issue.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Tamer Shaalan
Regular Advisor

Re: Password modification issue

Dear Wouter,
I tried creating two users, test1 and test2, and test1 can change the password of test2 !!!!

SEP :
I posted the o/p to show permissions of files as you see from my previous post!!!
Success is a journey, not a destination
Marvin Strong
Honored Contributor

Re: Password modification issue

I would also think there is a permissions problem somewhere.

maybe the tcb directory?
dr-xr-x--x 3 root sys 96 Jan 12 17:27 tcb


Hazem Mahmoud_3
Respected Contributor

Re: Password modification issue

Tamer,
You said your system is trusted. Take a look at the /tcb/files/auth permissions.
Here are mine:
dr-xr-x--x 3 root sys 96 Sep 9 2002 /tcb
drwxrwx--x 3 root sys 96 Feb 20 16:53 files
drwx------ 55 root sys 1024 Sep 9 2002 auth
-rw-rw-r-- 1 root root 18060 Jun 16 2003 devassign
-rw-rw-r-- 1 root root 11280 Feb 20 16:53 ttys

All the files under /tcb/files/auth should have the permissions like the following:
drwx------ 2 root sys 96 Sep 9 2002 z

Let me know if they are different. That may be where the problem is.

-Hazem
Tamer Shaalan
Regular Advisor

Re: Password modification issue

Dear Hazem,
Really, I found some differences and corrected them to match what you posted (especially in /tcb/files/auth and all files under auth),
but even after the correction, the issue still exists!!!!
Success is a journey, not a destination
Hazem Mahmoud_3
Respected Contributor

Re: Password modification issue

Tamer,
I would recommend untrusting the system and then trusting it again. Let me know what happens after that.
And just out of curiosity, see if you have the same issue with the passwd command when the system is untrusted. This will at least help us to narrow down the problem.
Let us know what happens.

-Hazem
Tamer Shaalan
Regular Advisor

Re: Password modification issue

Hazem,

Really, I am afraid of untrusting the system because I don't know what effect that would have on users & installed applications. This is a live system with heavy, continuous work.

Any other ideas ???!!!

Tamer.
Success is a journey, not a destination
Mark Grant
Honored Contributor

Re: Password modification issue

I think the clue here is that the users still can't change root's password. Could you test to see if it is all the users not handled by NIS that are still ok.

I can't quite see how NIS is going to allow any user to change another user's account but I also can't see how the users can change any user except root.

Perhaps we have unusual permissions on the NIS stuff, yppasswd or yppush.
Never precede any demonstration with anything more predictive than "watch this"
Tamer Shaalan
Regular Advisor

Re: Password modification issue

Dear Mark,

I already tried with non-NIS users (from Wouter's thread) but the issue still exists.

Really, this machine is a STAND-ALONE machine (i.e., it is not one of the NIS machines) because you can't enable NIS as a service in a TRUSTED SYSTEM at all!!

The only relation between this machine and NIS is that:
the users' home directories are an individual file system on this trusted machine, and this file system is MOUNTED AS NFS on all NIS machines (master server, secondary, and client machines).

Thank you anyway.

Still Need Help !!!!

Tamer.
Success is a journey, not a destination
Hazem Mahmoud_3
Respected Contributor

Re: Password modification issue

Tamer,
I think I may know where your problem is. Take a look at your user files (under /tcb/files/auth/). Take a look to see if there is a field defined as "u_pswduser=". This field basically defines which user is allowed to change this user's password. On my system that field doesn't even exist. It should not exist on your system either. It may be set to "@" or something like that.
Let me know if that is the case. If that is truly your problem, do not forget to also update the default file that is used when creating all these users (/tcb/files/auth/system/default) to prevent it from happening again in the future.

-Hazem
Tamer Shaalan
Regular Advisor

Re: Password modification issue

Hazem,

This is some output :
# cd tcb/files/auth
# ll

drwx------ 2 root sys 96 Feb 24 23:41 n
drwx------ 2 root sys 96 Nov 20 2002 o
drwx------ 2 root sys 96 Apr 26 2001 p
drwx------ 2 root sys 96 Jul 19 2000 q
drwx------ 2 root sys 1024 Mar 17 20:08 r
drwx------ 2 root sys 1024 Mar 17 21:33 s
drwx------ 2 root sys 96 Mar 17 21:00 system
drwx------ 2 root sys 1024 Mar 17 21:34 t
drwx------ 2 root sys 96 Jul 19 2000 u

# cd s
# ll
total 12
-rw-rw-r-- 1 root root 174 Sep 23 15:07 sahar
-rw-rw-r-- 1 root root 185 Mar 31 2002 sameh
-rw-rw-r-- 1 root root 171 Mar 9 11:31 samira
-rw-rw-r-- 1 root root 183 Mar 17 21:33 samy

I didn't find the field you mentioned, I found the following exactly:

samy:u_name=samy:u_id#133:\
:u_pwd=VALUE:\
:u_auditid#VALUE :\
:u_auditflag#VALUE :\
:u_succhg#VALUE:u_unsucchg#VALUE:u_suclog#VALUE:u_lock@:\
:chkent:
where VALUE is any value

Can you post the fields from a user file on your machine (if you permit) so I can compare them with mine?

Tamer.
Success is a journey, not a destination
Hazem Mahmoud_3
Respected Contributor

Re: Password modification issue

Make sure you are looking at the file that corresponds to the user that can have their password changed by someone else. So for example, if userA can change the password for userB, look at the file for userB and see the configs in that.
Here is one of mine:

# more hmahmoud
hmahmoud:u_name=hmahmoud:u_id#111:\
:u_pwd=:\
:u_auditid#46:\
:u_auditflag#1:\
:u_succhg#1078930892:u_unsucchg#1079549652:u_suclog#1078932439:u_suctty=pts/3:\
:u_unsuclog#1078930843:u_lock@:chkent:
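
The check suggested in the posts above (look in the target user's file under /tcb/files/auth/, and in system/default, for a u_pswduser field) can be scripted as follows. This is an added example, not code from any poster; the function names, the sample tree and the value `test1` are constructed, and the parsing assumes the colon-separated, backslash-continued layout shown in the posted entries.

```shell
#!/bin/sh
# Added example: list trusted-system entries that define u_pswduser.

# Print one field per line from an entry file: join backslash-newline
# continuations, split on ':', drop the entry name and blank fields.
tcb_fields() {
    awk '{ sub(/\\$/, ""); buf = buf $0 }
         END {
             n = split(buf, f, ":")
             for (i = 2; i <= n; i++) {
                 gsub(/^[ \t]+|[ \t]+$/, "", f[i])
                 if (f[i] != "") print f[i]
             }
         }' "$1"
}

# Print "path: field" for every entry one level below the auth directory
# (default /tcb/files/auth, the path used in the thread) that carries
# u_pswduser in any form. system/default is covered by the same glob.
audit_pswduser() {
    dir=${1:-/tcb/files/auth}
    for entry in "$dir"/*/*; do
        [ -f "$entry" ] || continue
        tcb_fields "$entry" | grep '^u_pswduser' | while read -r fld; do
            printf '%s: %s\n' "$entry" "$fld"
        done
    done
}

# Constructed sample tree (not real data): "samy" follows the layout
# posted in the thread; "badu" adds a hypothetical u_pswduser value.
make_sample() {
    root=$1
    mkdir -p "$root/s" "$root/b"
    printf '%s\n' 'samy:u_name=samy:u_id#133:\' \
        '        :u_pwd=VALUE:\' \
        '        :u_succhg#1:u_lock@:\' \
        '        :chkent:' > "$root/s/samy"
    printf '%s\n' 'badu:u_name=badu:u_id#134:\' \
        '        :u_pwd=VALUE:u_pswduser=test1:\' \
        '        :u_lock@:chkent:' > "$root/b/badu"
}

case "${1:-}" in
    demo) tmp=$(mktemp -d) && make_sample "$tmp" && audit_pswduser "$tmp"
          rm -rf "$tmp" ;;
    scan) audit_pswduser "${2:-}" ;;   # needs root: auth dirs are mode 700
esac
```

Invoked with `demo` it scans the constructed tree; with `scan` it reads the real directory and prints nothing when no entry defines the field.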
Tamer Shaalan
Regular Advisor

Re: Password modification issue

Hazem:

The user samy, whose file items I sent, is one whose password can be changed by another user.

I noticed that the field:

u_suctty=pts/3:\

is missing in my files, but I don't think this is an issue (I think it is related to the ttys from which login is allowed).

Any other ideas !!!!!!!

Tamer
Success is a journey, not a destination