-Alex- Posted September 3, 2008

Well, I liked it. Say what you want but I like it :p

Simply edit your shell login scripts file (/root/.bashrc) to include:

    clear
    echo "So you've found out the root password, now what?"
    read P
    if [ "$P" != "leeter" ]
    then
        clear
        echo "I don't think so, goodbye!"
        exit
    fi
    clear

Or the one-liner:

    clear && echo "So you've found out the root password, now what?" && read P; if [ "$P" != "leeter" ]; then clear && echo "I don't think so, goodbye!" && exit; fi; clear

Simply enter 'leeter' or whatever you specify when you get the prompt. :)

Fish Posted September 4, 2008 (edited)

Thing is, if you saw this as you opened a root shell, you'd know that there is a modified bashrc. So, you'd open bashrc and you'd see what the "password" is.

Perhaps it would work better if it didn't say anything along the lines of "So you've found the root password...", but simply left you at a command prompt. You might think you could enter any command, but actually, the shell will close unless you give the correct "password" first. Then again, after a couple of attempts, you might suspect that bashrc had been modified in some way....

Is there no way of obfuscating the password in bashrc?

Edited September 4, 2008 by Mr Fish

pyther Posted September 5, 2008

Couldn't that be halted with a simple Ctrl+C?

nuskool Posted October 10, 2008

worst...security...ever.

Rudy Posted October 10, 2008

> worst...security...ever.

+1

adwin Posted October 15, 2008

If you want better security, configure your root device as an LVM/crypted AES....

David Scaife Posted October 16, 2008 (edited)

An encrypted volume won't do anything to prevent or stop an attack against a running system. It's not a bad idea, and it is better security-wise than the alternative, but it's more of a physical security consideration.

Regarding the original poster's idea, the reason it doesn't help security is that you're relying on two assumptions: that an attacker who knows your password has to execute (and can't read) your .bashrc file, and that your script can't be terminated before calling exit.

The first assumption is false. There is nothing requiring that the console read/execute your .bashrc (let alone requiring that bash run at all); an attacker could simply specify bash --norc as the program to run if they wanted a shell when they run su or connect through SSH or whatever, bypassing your extra password prompt.

The second assumption is also false; as pyther said, a simple ctrl+c would terminate the execution of your script and present the attacker with a shell.

Security is not a trivial thing to get right. Essentially what you have attempted to do is add a second password; an extension to your existing password if you will, which unfortunately doesn't work very well. You'd be better off just appending that extra string to the end of your actual password.

Edited October 16, 2008 by David Scaife

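The first assumption discussed in the post above can be checked in a sandbox. This is an added example, not code from the thread: it builds a throwaway HOME holding the original gate (without `clear`) and compares a default interactive bash start with `bash --norc`. The function names and the `REACHED-SHELL` marker are made up for the demo.

```shell
#!/usr/bin/env bash
# Constructed demo: everything runs inside a throwaway HOME directory;
# the real ~/.bashrc is never read or modified.

# Write the thread's gate (minus `clear`) to $1/.bashrc.
make_gate_home() {
  cat > "$1/.bashrc" <<'EOF'
echo "So you've found out the root password, now what?"
read P
if [ "$P" != "leeter" ]; then
  echo "I don't think so, goodbye!"
  exit
fi
EOF
}

# Start an interactive bash with HOME=$1 plus any extra options, feed it a
# wrong guess followed by one command, and pass its stdout through.
# Prompts and warnings go to stderr and are discarded.
run_shell() {
  local home="$1"; shift
  printf 'wrong-guess\necho REACHED-SHELL\n' |
    HOME="$home" bash "$@" -i 2>/dev/null
}

# "yes" if the gate's prompt appeared, i.e. .bashrc was executed.
gate_ran() {
  if run_shell "$@" | grep -q 'now what?'; then echo yes; else echo no; fi
}

# "yes" if the command sent after the wrong guess was still executed.
shell_reached() {
  if run_shell "$@" | grep -q '^REACHED-SHELL$'; then echo yes; else echo no; fi
}

demo() {
  local home; home=$(mktemp -d) || return 1
  make_gate_home "$home"
  echo "default:  gate_ran=$(gate_ran "$home") shell_reached=$(shell_reached "$home")"
  echo "--norc:   gate_ran=$(gate_ran "$home" --norc) shell_reached=$(shell_reached "$home" --norc)"
  echo "lines exposing the secret in .bashrc: $(grep -c '"leeter"' "$home/.bashrc")"
  rm -rf "$home"
}

demo
```

The Ctrl+C case needs a real terminal and is not covered here.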