Solaris 5.1 security issues
 

I am a novice user so keep that in mind

We have a Sun Solaris 5.1 machine in which both the CD and the root password have been lost.

While browsing around on the machine, I ran across a file called sulogin which lets you enter into maintenance mode. Since I dont know what the superuser or root password is, I figured that I wouldnt be able to use it.

However, I was shocked and delighted when it actually worked. It gives the following message:

"Warning: root password not set, entering maintenance mode"

My excitement soon abated when I realized that I still didnt have root powers. It wont let me use chmod, it wont let me edit some files with vi. I thought maintenance mode would give me some of the same powers as root or superuser, but apparently not. It wont let me do any of the stuff that i need it to.

I am using telnet to connect to this machine. When I tried to login as root with no password, it just closes automatically. It doesnt even say that password is not correct, its as if the machine is refusing to let anyone log in as root even if the password is right.

Are you not allowed to login as root remotely, or is the sulogin program lying to me when it says the root password has not been set?

it sounds to me like the root password isn't set... lol, have you actually tried logging in as a standard user, and typing: you cannot telnet into machines as root straight away - this is a security feature. you need a user account with permissions to run the "su" command to switch user to become root. tried that yet?

Well I tried su - root from telnet, and then it asked for a password. I just pressed enter and it said "incorrect login"

I then went to the machine console and tried to login as root, just pressing enter when it asked for password. No luck, I get the "incorrect login" message.

Thats what I dont understand about this. The sulogin program is saying the root password is blank, yet when I try to log in as root, even from the machine console itself, it says login incorrect.

Sulogin must be a corrupted program or something

Re: Solaris 5.1 security issues
 

Whether or not you can login as root remotely depends on how the system is configured.

sulogin is launched when the system is coming up and there is something wrong with the system. That's the program that gives you the choice of CTRL-D to continue or entering root's password to fix the problem. It is invoked by init and not meant to be run by a user. It did not put you in maintenance mode when you invoked it as a user.

On a Solaris system, there is one simple test for determining whether or not the root password is blank. If you try to login at the console, the system will not prompt for a password. Since your systems prompts for a password, it is set.

What if I physically remove the hard drive and put it on another machine?

Do you HAVE to be root on the new machine to mount a new hard drive or can you do it as any user?

You will need root privelages to build the device files for the drive on the new machine if they do not exist. You wall also need root to mount the file systems.

are you sure that the 'sulogin' program isn't saying that the password you entered is blank? if you enter no password, then the password entered would be blank, right?

i could be going off on a tangent here... lol :D