[352] in linux-security and linux-alert archive
Re: Linux adduser security bug [Forwarded e-mail from Mark Whitis]
daemon@ATHENA.MIT.EDU (Marek Michalkiewicz)
Fri Sep 8 15:36:05 1995
From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
To: juphoff@tarsier.cv.nrao.edu (Jeff Uphoff)
Date: Thu, 7 Sep 1995 15:33:12 +0200 (MET DST)
Cc: linux-security@tarsier.cv.nrao.edu, whitis@wright.nasm.edu
In-Reply-To: <199509060253.WAA27329@tarsier.cv.nrao.edu> from "Jeff Uphoff" at Sep 5, 95 10:53:51 pm
> ------- start of forwarded message (RFC 934 encapsulation) -------
> From: whitis@wright.nasm.edu (Mark Whitis)
> To: juphoff@NRAO.EDU
> Subject: Linux adduser security bug
> Date: Tue, 5 Sep 95 22:22:44 -0400
>
> While writing my own adduser program, I noticed a bug in the adduser program
> distributed with linux. It only generates 256 possible salt values instead
> of 4096. This makes it easier for programs like crack. It makes
[ I am cc'ing this to the author of the above message ]
Why does adduser generate any salt values at all? Isn't passwd supposed
to do this? I don't know about adduser, but all useradd programs I know
of (from the shadow suite, and the GPL-ed one I am working on :) create
new users with locked accounts ('!' in the password field) and it is
necessary to run passwd (by root) to set the initial password.
Or does adduser run passwd and this is actually a problem with the passwd
program? In which distribution?
> storage of preencrypted dictionaries for all possible salt values more
> feasible (of order 500MB for 256 salts). Since the security of
> unix encrypted passwords is already pretty marginal with the
> computing power readily available today, a factor of 16 degradation
> is unacceptable.
Agreed, if it's of order 500MB for 256 salts, then it's of order 8GB
for 4096 salts - not very much either. Computers are getting faster
and hard drives are getting bigger all the time... We really need
a proactive passwd program _and_ shadow passwords.
I just started a complete rewrite of the shadow password suite (because
it has too many bugs, design flaws like writing password files in place
resulting in an incomplete file if the program dies at the wrong time, and
unclear copyright). It will be under the GPL (except some BSD code -
I just almost ported login and su from FreeBSD), and it will support
non-shadow passwords too. Don't hold your breath though - it may take
a few months before I will need beta testers...
Marek
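The following is an added example written for this archive page; it is not code from adduser, from the shadow suite, or from either of the people in the thread. It puts numbers to the two points above: a 2-character crypt(3) salt drawn from the full 64-character alphabet has 4096 possible values, and a generator that only ever yields 256 of them is easy to spot empirically. It also shows the account-creation practice the reply describes (a locked '!' entry, no salt generated at account creation) and a password-file update that writes a complete new image and renames it into place instead of rewriting the file in place. The function `make_salt_from_one_byte` is a constructed, hypothetical low-entropy generator used only for comparison; it is not a claim about how the adduser in question actually produced its salts. All names and sample data are constructed.

```python
"""Added example: crypt(3) salt space, an empirical check for a weak salt
generator, and a locked-account / atomic-rewrite password file update.
Not code from adduser or the shadow suite; names and data are constructed."""
import os
import secrets
import tempfile

# Traditional crypt(3) salt alphabet: 64 characters. A 2-character salt has
# 64 ** 2 == 4096 possible values, the figure the thread refers to.
SALT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def salt_space(n_chars=2, alphabet=SALT_ALPHABET):
    """Number of distinct salts a generator could produce: |alphabet| ** n_chars."""
    return len(alphabet) ** n_chars


def make_salt():
    """Sound generator: each character independently and uniformly from the full
    64-character alphabet, using the OS CSPRNG. Can reach all 4096 salts."""
    return "".join(secrets.choice(SALT_ALPHABET) for _ in range(2))


def make_salt_from_one_byte():
    """Constructed (hypothetical) low-entropy generator, for comparison only: both
    salt characters are derived from a single random byte, so at most 256 distinct
    salts can ever appear. Models the effect the thread describes (256 instead of
    4096); it is NOT the actual adduser code."""
    b = secrets.randbelow(256)
    return SALT_ALPHABET[b & 0x0F] + SALT_ALPHABET[b >> 4]


def distinct_salts(generator, draws):
    """Empirical check a maintainer can run against any salt routine: draw many
    salts and count distinct values. A sound 2-char generator approaches 4096
    after 20000 draws; one limited to 256 values saturates at 256."""
    return len({generator() for _ in range(draws)})


def salts_in_hashes(hashes):
    """Defensive audit over traditional 13-character crypt hashes (salt is the
    first two characters): return the set of salts actually in use. A large user
    base whose salts cluster in a small subset of the space points at a weak
    generator. Entries that are not traditional crypt hashes are ignored."""
    return {h[:2] for h in hashes
            if len(h) == 13 and all(c in SALT_ALPHABET for c in h)}


def locked_passwd_entry(name, uid, gid, gecos, home, shell):
    """New account with '!' in the password field: no password and no salt exist
    until root runs passwd for the user, as the reply describes."""
    return f"{name}:!:{uid}:{gid}:{gecos}:{home}:{shell}\n"


def write_file_atomically(path, content, mode=0o644):
    """Write the complete new image to a temp file in the same directory, fsync it,
    then rename it over the original. Readers see the old file or the whole new
    one, never a truncated one if the program dies mid-write (the in-place rewrite
    flaw mentioned in the reply). Use mode=0o640 or 0o600 for shadow files."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".tmp-")
    try:
        with os.fdopen(fd, "w") as f:
            f.write(content)
            f.flush()
            os.fsync(f.fileno())
        os.chmod(tmp, mode)          # mkstemp creates the file 0600
        os.replace(tmp, path)        # atomic on POSIX within one filesystem
    except BaseException:
        try:
            os.unlink(tmp)
        except OSError:
            pass
        raise


def add_locked_user(passwd_path, name, uid, gid, gecos="", home=None, shell="/bin/sh"):
    """Append a locked entry to a passwd-style file via a full-image atomic rewrite
    and return the resulting file contents."""
    existing = ""
    if os.path.exists(passwd_path):
        with open(passwd_path) as f:
            existing = f.read()
    entry = locked_passwd_entry(name, uid, gid, gecos, home or f"/home/{name}", shell)
    write_file_atomically(passwd_path, existing + entry)
    with open(passwd_path) as f:
        return f.read()


def demo(tmpdir=None):
    """Run everything on constructed data in a scratch directory; return results."""
    tmpdir = tmpdir or tempfile.mkdtemp()
    passwd = os.path.join(tmpdir, "passwd")
    write_file_atomically(passwd, "root:x:0:0:root:/root:/bin/sh\n")  # constructed
    image = add_locked_user(passwd, "alice", 1000, 1000, "Alice")
    return {
        "space": salt_space(),
        "distinct_full": distinct_salts(make_salt, 20000),
        "distinct_one_byte": distinct_salts(make_salt_from_one_byte, 20000),
        "passwd_image": image,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", repr(value))
```

Running `demo()` shows the full generator covering roughly 4060 of the 4096 salts after 20000 draws while the one-byte model never exceeds 256, which is the same factor-of-16 reduction in precomputation cost the forwarded message complains about. The audit function is the check to run over an existing password file rather than over the generator, when the generator's source is not available.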