Ability To Change Root User Password (Vulnerability?)Storing application secrets safely on LinuxForgot...

Does the 2019 UA Artificer's Many-Handed Pouch infusion enable unlimited infinite-range cross-planar communication?

Russian word for a male zebra

How is the excise border managed in Ireland?

How to hide an urban landmark?

Moving points closer to polyline using ModelBuilder?

Why was this person allowed to become Grand Maester?

Longest bridge/tunnel that can be cycled over/through?

What is inside of the 200 star chest?

How to ensure color fidelity of the same file on two computers?

How does the Around command at zero work?

Why are trash cans referred to as "zafacón" in Puerto Rico?

Why can I traceroute to this IP address, but not ping?

Let M and N be single-digit integers. If the product 2M5 x 13N is divisible by 36, how many ordered pairs (M,N) are possible?

Active low-pass filters --- good to what frequencies?

sed + add word before string only if not exists

What aircraft was used as Air Force One for the flight between Southampton and Shannon?

Why does the Mishnah use the terms poor person and homeowner when discussing carrying on Shabbat?

Check if three arrays contains the same element

Is it expected that a reader will skip parts of what you write?

Is it safe to change the harddrive power feature so that it never turns off?

Electricity free spaceship

Is it possible to have 2 different but equal size real number sets that have the same mean and standard deviation?

How to trick the reader into thinking they're following a redshirt instead of the protagonist?

How creative should the DM let an artificer be in terms of what they can build?



Ability To Change Root User Password (Vulnerability?)


Storing application secrets safely on LinuxForgot Password VulnerabilityHarden root remote accessroot with no passwordLinux: is sending prompt notifications on ssh logins a security measure?Root access without passwordSUID not executing as rootCan root user have access to MySQL data?An application started by the root user has root privileges?How do I verify that a user on a remote system has root access?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







4















I am studying for my RHCSA exam, and one of the topics is the ability to "change a forgotten root user password." This is an official exam objective and even has official Redhat documentation.



How is this not a glaring security vulnerability? Shouldn't the ability to change a root user password not exist? I get that you need to have physical access to a machine (which makes it harder to implement) but why even have a password at all if it can just be changed like this? Is there a way to disable this 'feature' so that it cannot be changed from GRUB like this?



Can you do this in all other Linux distros as well? Or is this a Redhat exclusive ability?










share|improve this question

























  • Look at KonBoot for Windows. No OS is secure under a physical attack, as mentioned in the answer.

    – multithr3at3d
    4 hours ago






  • 1





    NOT having this ability is a vulnerability. You can't put it back in the bag once it escapes. Changing admin passwords should be SOP. A deceased or incapacitated administrator is a foreseeable event. Ideally a securely printed envelope should also be in secure location.

    – mckenzm
    1 hour ago


















4















I am studying for my RHCSA exam, and one of the topics is the ability to "change a forgotten root user password." This is an official exam objective and even has official Redhat documentation.



How is this not a glaring security vulnerability? Shouldn't the ability to change a root user password not exist? I get that you need to have physical access to a machine (which makes it harder to implement) but why even have a password at all if it can just be changed like this? Is there a way to disable this 'feature' so that it cannot be changed from GRUB like this?



Can you do this in all other Linux distros as well? Or is this a Redhat exclusive ability?










share|improve this question

























  • Look at KonBoot for Windows. No OS is secure under a physical attack, as mentioned in the answer.

    – multithr3at3d
    4 hours ago






  • 1





    NOT having this ability is a vulnerability. You can't put it back in the bag once it escapes. Changing admin passwords should be SOP. A deceased or incapacitated administrator is a foreseeable event. Ideally a securely printed envelope should also be in secure location.

    – mckenzm
    1 hour ago














4












4








4


1






I am studying for my RHCSA exam, and one of the topics is the ability to "change a forgotten root user password." This is an official exam objective and even has official Redhat documentation.



How is this not a glaring security vulnerability? Shouldn't the ability to change a root user password not exist? I get that you need to have physical access to a machine (which makes it harder to implement) but why even have a password at all if it can just be changed like this? Is there a way to disable this 'feature' so that it cannot be changed from GRUB like this?



Can you do this in all other Linux distros as well? Or is this a Redhat exclusive ability?










share|improve this question
















I am studying for my RHCSA exam, and one of the topics is the ability to "change a forgotten root user password." This is an official exam objective and even has official Redhat documentation.



How is this not a glaring security vulnerability? Shouldn't the ability to change a root user password not exist? I get that you need to have physical access to a machine (which makes it harder to implement) but why even have a password at all if it can just be changed like this? Is there a way to disable this 'feature' so that it cannot be changed from GRUB like this?



Can you do this in all other Linux distros as well? Or is this a Redhat exclusive ability?







linux password-reset root






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 8 hours ago









schroeder

82.8k34185222




82.8k34185222










asked 10 hours ago









Tobin ShieldsTobin Shields

926




926













  • Look at KonBoot for Windows. No OS is secure under a physical attack, as mentioned in the answer.

    – multithr3at3d
    4 hours ago






  • 1





    NOT having this ability is a vulnerability. You can't put it back in the bag once it escapes. Changing admin passwords should be SOP. A deceased or incapacitated administrator is a foreseeable event. Ideally a securely printed envelope should also be in secure location.

    – mckenzm
    1 hour ago



















  • Look at KonBoot for Windows. No OS is secure under a physical attack, as mentioned in the answer.

    – multithr3at3d
    4 hours ago






  • 1





    NOT having this ability is a vulnerability. You can't put it back in the bag once it escapes. Changing admin passwords should be SOP. A deceased or incapacitated administrator is a foreseeable event. Ideally a securely printed envelope should also be in secure location.

    – mckenzm
    1 hour ago

















Look at KonBoot for Windows. No OS is secure under a physical attack, as mentioned in the answer.

– multithr3at3d
4 hours ago





Look at KonBoot for Windows. No OS is secure under a physical attack, as mentioned in the answer.

– multithr3at3d
4 hours ago




1




1





NOT having this ability is a vulnerability. You can't put it back in the bag once it escapes. Changing admin passwords should be SOP. A deceased or incapacitated administrator is a foreseeable event. Ideally a securely printed envelope should also be in secure location.

– mckenzm
1 hour ago





NOT having this ability is a vulnerability. You can't put it back in the bag once it escapes. Changing admin passwords should be SOP. A deceased or incapacitated administrator is a foreseeable event. Ideally a securely printed envelope should also be in secure location.

– mckenzm
1 hour ago










1 Answer
1






active

oldest

votes


















6














You pretty much hit the nail on the head when you said that you need physical access to the machine.



If you have physical access, you don't need to go through the official steps to reset the root password, as you can flips bits on the hard drive directly, if you know what you're doing. I.e., you can boot up a recovery OS from a DVD or flash drive, and mount the drive that way to gain complete read/write access to the entire disk.



Disk encryption will mitigate the risk, but doesn't remove it entirely. It is best to assume that an attacker with physical access will be able to influence every aspect of the device in time.



Since it's assumed that attackers with physical access will always gain privileged account access eventually, there's little point in putting the legitimate administrators through extra trouble if they lost their password.



Every Linux distro that I have used has had this feature, though it's possible that some of the distros aimed at a more paranoid audience could disable this.



In addition, it's a standard feature in BSD Unixes, was tested for on the CCNA exam at least 15 years ago when I took it for Cisco devices, and it's fairly trivial to reset passwords on a Windows machine if it isn't explicitly secured.






share|improve this answer
























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "162"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    noCode: true, onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f211427%2fability-to-change-root-user-password-vulnerability%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    6














    You pretty much hit the nail on the head when you said that you need physical access to the machine.



    If you have physical access, you don't need to go through the official steps to reset the root password, as you can flips bits on the hard drive directly, if you know what you're doing. I.e., you can boot up a recovery OS from a DVD or flash drive, and mount the drive that way to gain complete read/write access to the entire disk.



    Disk encryption will mitigate the risk, but doesn't remove it entirely. It is best to assume that an attacker with physical access will be able to influence every aspect of the device in time.



    Since it's assumed that attackers with physical access will always gain privileged account access eventually, there's little point in putting the legitimate administrators through extra trouble if they lost their password.



    Every Linux distro that I have used has had this feature, though it's possible that some of the distros aimed at a more paranoid audience could disable this.



    In addition, it's a standard feature in BSD Unixes, was tested for on the CCNA exam at least 15 years ago when I took it for Cisco devices, and it's fairly trivial to reset passwords on a Windows machine if it isn't explicitly secured.






    share|improve this answer




























      6














      You pretty much hit the nail on the head when you said that you need physical access to the machine.



      If you have physical access, you don't need to go through the official steps to reset the root password, as you can flips bits on the hard drive directly, if you know what you're doing. I.e., you can boot up a recovery OS from a DVD or flash drive, and mount the drive that way to gain complete read/write access to the entire disk.



      Disk encryption will mitigate the risk, but doesn't remove it entirely. It is best to assume that an attacker with physical access will be able to influence every aspect of the device in time.



      Since it's assumed that attackers with physical access will always gain privileged account access eventually, there's little point in putting the legitimate administrators through extra trouble if they lost their password.



      Every Linux distro that I have used has had this feature, though it's possible that some of the distros aimed at a more paranoid audience could disable this.



      In addition, it's a standard feature in BSD Unixes, was tested for on the CCNA exam at least 15 years ago when I took it for Cisco devices, and it's fairly trivial to reset passwords on a Windows machine if it isn't explicitly secured.






      share|improve this answer


























        6












        6








        6







        You pretty much hit the nail on the head when you said that you need physical access to the machine.



        If you have physical access, you don't need to go through the official steps to reset the root password, as you can flips bits on the hard drive directly, if you know what you're doing. I.e., you can boot up a recovery OS from a DVD or flash drive, and mount the drive that way to gain complete read/write access to the entire disk.



        Disk encryption will mitigate the risk, but doesn't remove it entirely. It is best to assume that an attacker with physical access will be able to influence every aspect of the device in time.



        Since it's assumed that attackers with physical access will always gain privileged account access eventually, there's little point in putting the legitimate administrators through extra trouble if they lost their password.



        Every Linux distro that I have used has had this feature, though it's possible that some of the distros aimed at a more paranoid audience could disable this.



        In addition, it's a standard feature in BSD Unixes, was tested for on the CCNA exam at least 15 years ago when I took it for Cisco devices, and it's fairly trivial to reset passwords on a Windows machine if it isn't explicitly secured.






        share|improve this answer













        You pretty much hit the nail on the head when you said that you need physical access to the machine.



        If you have physical access, you don't need to go through the official steps to reset the root password, as you can flips bits on the hard drive directly, if you know what you're doing. I.e., you can boot up a recovery OS from a DVD or flash drive, and mount the drive that way to gain complete read/write access to the entire disk.



        Disk encryption will mitigate the risk, but doesn't remove it entirely. It is best to assume that an attacker with physical access will be able to influence every aspect of the device in time.



        Since it's assumed that attackers with physical access will always gain privileged account access eventually, there's little point in putting the legitimate administrators through extra trouble if they lost their password.



        Every Linux distro that I have used has had this feature, though it's possible that some of the distros aimed at a more paranoid audience could disable this.



        In addition, it's a standard feature in BSD Unixes, was tested for on the CCNA exam at least 15 years ago when I took it for Cisco devices, and it's fairly trivial to reset passwords on a Windows machine if it isn't explicitly secured.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 10 hours ago









        GhedipunkGhedipunk

        2,6331920




        2,6331920






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Information Security Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f211427%2fability-to-change-root-user-password-vulnerability%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Taj Mahal Inhaltsverzeichnis Aufbau | Geschichte | 350-Jahr-Feier | Heutige Bedeutung | Siehe auch |...

            Baia Sprie Cuprins Etimologie | Istorie | Demografie | Politică și administrație | Arii naturale...

            Nicolae Petrescu-Găină Cuprins Biografie | Opera | In memoriam | Varia | Controverse, incertitudini...