[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Qube2 root password

Subject: Re: [cobalt-users] Qube2 root password
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Sat Oct 14 14:08:02 2000
Organization: nobaloney.net
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Peter Low wrote:

> It's interesting that the GUI can change the root password without knowing
> what the current password is.  I wouldn't have thought this was
> possible.  I know you can change user passwords as root, but I thought root
> could only be changed from root.  Does admin have privileges over
> root?

No.

> Anyone care to explain how the GUI might accomplish this?

Sure.  The gui's "sauce" runs as root.

> Does this
> represent a potential security issue?

Yes.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
nobaloney.net
P. O. Box 52672
Riverside, CA  92517
voice: (909) 787-8589  *  fax: (909) 782-0205

References:
- Re: [cobalt-users] Qube2 root password
  - From: Peter Low
- RE: [cobalt-users] Qube2 root password
  - From: Peter Low

Prev by Date: Re: [cobalt-users] sendmail queue [RaQ3i, 512mb RAM]
Next by Date: Re: [cobalt-users] WHAT CAN YOU GET FOR $20???
Previous by thread: RE: [cobalt-users] Qube2 root password
Next by thread: Re: [cobalt-users] OPen SSL admin errors

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index