Mi casa es su casa: Ubuntu bug makes 'guests' anything but

Recent versions of the Ubuntu Linux distro fail to limit system access for guest accounts. This according to developer Tyler Hicks, who reported a bug that allows guest users to roam free of the confines expected to be placed on system access for guests. Ideally, guest users should be restricted to a small temporary …


More work

"Ubuntu's default settings allow users to read other local users' files ..."

That's another bad thing but at least the 'administrator' can modify and lock down any inter-user access.


Re: More work

I'm impressed.

Something permissions-wise that Windows does better.


Re: More work

Actually, a properly configured Linux system has user directories permissions set as 640 by default.


Re: More work

"... directories permissions set as 640 by default".

That would of course be 0750.


Flaky guest account

The "guest account" has always been a mixed bag as far as security is concerned, but clearly someone has screwed up here and deserves to be spanked. A systemd-related change perhaps?

On the one hand it is a good idea that guests can use a machine without widespread access, and once they log out their own privacy is maintained by deleting the account. However, there are some aspects that are security issues (I guess why GCHQ advise disabling it):

1) If using a corporate VPN on boot, then they are in without a user login (even if internal resources should be checking credentials as well)

2) Typically the guest area is a fuse loop-back mount in /tmp but that allows execution even if /tmp has been mounted noexec, etc.

3) The implementation creates random-ish UID/GID values but on a system crash (think - person switching off machine without guest logging off) these accumulate as they don't get purged.

See also https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1604-lts where they also advise that all usual user accounts should have 'other' access removed (e.g. chmod o-rx /home/*)

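A defender-side check for the 0750 point made earlier in the thread and the NCSC chmod o-rx advice quoted in this comment, added here as an example (not taken from the comments or from NCSC): it reports home directories that still grant 'other' access and can tighten them. It assumes GNU coreutils (stat -c) and takes the base directory as an argument, so any homes that are deliberately shared can be reviewed in the report before the fix is run.

```sh
#!/bin/sh
# Added example, not from the thread. Audits the immediate subdirectories of a
# base directory (default /home) for 'other' permission bits, i.e. anything
# looser than the 0750 mode discussed above. Requires GNU `stat -c`.

# Print "<octal mode> <path>" for every subdirectory whose 'other' bits are
# non-zero. Prints nothing when everything is already locked down.
audit_home_perms() {
    base=${1:-/home}
    for d in "$base"/*/; do
        [ -d "$d" ] || continue
        d=${d%/}
        mode=$(stat -c '%a' "$d") || continue
        # Last octal digit is the 'other' triplet (works for 4-digit modes too).
        other=${mode#"${mode%?}"}
        if [ "$other" != 0 ]; then
            printf '%s %s\n' "$mode" "$d"
        fi
    done
}

# Apply the NCSC advice to every directory the audit reports: strip all
# 'other' access (o-rwx). Review the audit output first; a home that is
# meant to share files with other local users would be closed off by this.
fix_home_perms() {
    base=${1:-/home}
    audit_home_perms "$base" | while read -r mode path; do
        chmod o-rwx "$path" && printf 'fixed %s (was %s)\n' "$path" "$mode"
    done
}
```

Run `audit_home_perms` on its own first; `fix_home_perms /home` only changes directory modes, not the files inside them.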

Re: Flaky guest account

"A systemd-related change perhaps?"

Yay! Poettering's Law* invoked by the second comment!

*Poettering's Law: the idea that as an online discussion grows longer about a flaw in Linux, eventually _someone_ will blame systemd**

(**Not that I like it either.)


Re: Flaky guest account

Well, considering the number of things that systemd forced changes upon that were then broken, it's a reasonable starting point:

https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1535840

https://bugs.launchpad.net/ubuntu/+source/watchdog/+bug/1448924

https://bugs.launchpad.net/ubuntu/+source/watchdog/+bug/1535854

Anonymous Coward

Re: Poettering's Law

It's Godwin's, not Hitler's, Law; ergo it shouldn't be Poettering's Law.

And coming back to Linux after nearly 15 years* away, Poettering the Tool has been responsible for the only issues I've had in the last 12 months: system-fucking-d and bastard PulseAudio. Can't Microsoft give him a job? Or Facebook? Or Google? Please won't someone give him a job so he doesn't meddle with Linux.

*Not at Her Majesty's, just seduced by the Dark Side


Re: Flaky guest account

"Yay! Poettering's Law* invoked by the second comment!"

Except Godwin is not applicable if you're actually discussing Nazis, so neither is "Poettering", considering this really does look like a systemd issue: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1663157


Re: Poettering's Law*

Of course people are going to blame systemd, given how much software has it as a dependency. That is kind of what forced so many distros to adopt it in the first place...


Re: Flaky guest account

Hello:

"A systemd-related change perhaps?"

Really can't say ...

But would not be at all surprised if it were so.

Cheers and a good weekend.


Re: Flaky guest account

Poettering's Law: the idea that as an online discussion grows longer about a flaw in Linux, eventually _someone_ will irrefutably pin the blame on systemd

FTFY


Re: Flaky guest account

Just disable Guest. ON EVERY OS

Though Win 1.x 2.x 3.x, Win9x you only had to hit cancel. The log on only affected network access.


Re: Flaky guest account

"See also https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1604-lts where they also advise that all usual user accounts should have 'other' access removed (e.g. chmod o-rx /home/*)"

I can think of one reason why you would not want to do that: "shared"¹ files.

I have some 'media files' located on my home partition that I want to make available to a 'guest' user, or others who have accounts on the box.

¹ In the sense that I "own" the files and have set the 'others' permissions to 'r--' (read only). This way, valuable disk space isn't eaten up by duplicates.


Re: Poettering's Law*

I just loaded Mate on FBSD 11 along with a bunch of other stuff. No systemd here... though 'atril' gave me a ration of crap when I tried to run it from a different user, the way I always do - you know, log into a mate shell, "su - whateveruser", then "setenv DISPLAY localhost:0.0" (already ran xhost +localhost), then you can use "that user" with whatever GUI stuff you want... except Atril choked on it for some reason related to dbus. But it works fine when run as the logged-in user. I blame SYSTEMD DEPENDENCIES in the application! [I suspect that workarounds are patched into the various applications that *FEEL* they need systemd.]

LDS

"We can only imagine the pointing and laughing"

As the comments so far demonstrate, it will go mostly unnoticed, after all only those using Ubuntu among the 2.4% of Linux desktop users are impacted... so, really, a very limited issue...


Re: "We can only imagine the pointing and laughing"

@ LDS

"after all only those using Ubuntu among the 2.4% of Linux desktop users are impacted ..."

Correct me if I'm wrong, but I seem to recall that there is a distribution derived from Ubuntu, or perhaps I misremember.


Re: "We can only imagine the pointing and laughing"

Yep, Mint. I don't know if it's affected by this though.


Re: "We can only imagine the pointing and laughing"

@ Kurt Meyer

"Correct me if I'm wrong, but I seem to recall that there is a distribution derived from Ubuntu, or perhaps I misremember."

Aren't all of them based on Ubuntu LTS? The affected versions are not LTS.


Re: "We can only imagine the pointing and laughing"

Artful Aardvark or Abject Aardvark? ROFL.


Re: "We can only imagine the pointing and laughing"

@ Ben Trabetere

Thanks Ben, you are correct, I plead guilty to skimming the article. I should have read it more carefully.

wub

Re: "We can only imagine the pointing and laughing"

"Yep, Mint. I don't know if it's affected by this though."

For once, I think this is a security problem that does not include Mint. At any rate the instance of Mint on this laptop does not have a guest account, and I'm pretty sure that is stock, not my handiwork. Could be wrong, and I'm sure someone will be happy to point out if I am.


SSH?

The bug, of course, could be considered a security flaw as it would allow anyone with local access to an Ubuntu machine access to any sensitive files and data on the host machine.

Does Ubuntu* restrict guest logins to users sitting physically on the machine or can anyone with SSH or a remote vulnerability get in?

*More of a RHEL man myself, hence the question


Not on Ubuntu so I don't know the definitive answer, but having guest as an SSH-enabled user would be a brain-dead thing to do, to me, especially with the way Ubuntu handles sudo.


It's bad, but it's not like the ludicrous decision of Microsoft in Windows XP to launch the Accessibility tools with SYSTEM account privileges when you click on the button on the login screen, which of course enables someone with a USB flash disk to boot to anything that lets you access the filesystem, rename Utilman, make a copy of cmd called Utilman and reboot, and then of course at the login screen click the button and change the password of any account on the system.

Reading other users' files is bad, but it's not complete system ownership in 60 seconds. (Something which, by the way, even now still hasn't been patched.)
