Date:	Sat, 8 May 1999 23:46:40 -0400
From:	Andrew McRory <amacc@MAILER.ORG>
Subject:      OpenLinux 2.2: LISA install leaves root access without password
To:	BUGTRAQ@NETSPACE.ORG

Hello,

I believe I've found a bug in the installation process of OpenLinux 2.2
when using the LISA boot disk. During the installation a temporary passwd
file is put on the new file system containing the user "help" set uid=0
gid=0 and no password. Once you are prompted to set the root password and
default user password a new passwd and shadow file is created yet the help
user is left in the shadow file with, you guessed it, no password... Here
are the offending entries:

/etc/passwd
        help:x:0:0:install help user:/:/bin/bash

/etc/shadow
        help::10709:0:365:7:7::

Anyone who installed OpenLinux 2.2 using the LISA boot disk should check
their password file now ;-)

I found this using a cdrom I made from a mirror of the mirror at
ftp.tux.org. Just to make sure I wasn't mixed up I redownloaded the
install.144 file from ftp.calderasystems.com and tried again. Same thing.
The install disk is version 137 dated 26Mar99 (displayed on the boot
message).

I wrote Caldera a message late in the day Friday regarding this bug but
haven't heard back from anyone. I've tried to resist posting this until I
hear back but I really feel people should know now!!

PS: I'm not sure if Lizard, the graphical installation method, has this
problem. It crashes before it does much here.... that's why I tried LISA.

Thanks,



Andrew McRory - amacc@linuxsys.com ***********************************
Linux Systems Engineers / The PC Doctors                             *
3009-C West Tharpe Street - Tallahassee, FL 32303                    *
Voice 850.575.7213 ***************************************************