Comments (17)
The cloud library doesn't actually do this. However, From kernellib/src/doc/kernel/overview
:
10. Backdoor
Even if a different binary connections manager has been installed, the user "admin" can still login on the first binary port. To disable this backdoor, change the file /kernel/data/admin.pwd
to contain this line:
password "*"
This will disable access for "admin". If, at some time in the future, things have gone so thoroughly wrong that nobody can login in the ordinary way anymore, remove the file /kernel/data/admin.pwd
and login as "admin" on the first binary port.
from cloud-server.
The condition check is malformed, because I'm trying in the second binary port, not the first one.
Cheers,
from cloud-server.
The condition is in /kernel/sys/userd.c:129
, but note there that the other way it can fall back to the kernel user is if no telnet manager has been set for that port. In fact, Cloudlib will fall back all connection types to the a kernel user if they're not configured.
from cloud-server.
Yes, I know and I've tested it. But if you use for example a binary connection manager on the port 1 this remains as with port 0, so the documentation may be wrong.
from cloud-server.
@francipvb Could you please be clear about which git repository this applies to?
I ask because the cloudlib doesn't have a backdoor on any binary port, and the documentation I quoted is from the kernellib.
from cloud-server.
The issue I found in this repo.
from cloud-server.
@francipvb The cloudlib does not have an admin backdoor on a binary port, so this must be something completely different. Could you please describe how to reproduce the problem?
from cloud-server.
I will upload a repro.
from cloud-server.
Here is the attachment.
- Extract the file and place the unique folder into the usr directory.
- Add a second binary port to the config file.
- Telnet to it and try to log in as admin.
Cheers,
from cloud-server.
You'll see that my handler is just a test and it returns a custom user object. However if you type admin
at the first prompt the lib will clone a kernel user object.
from cloud-server.
> telnet localhost 8081
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
This is a testing server.
Please type a name: admin
Logged in as admin. Unfortunately the system is not available yet.
from cloud-server.
The cloudlib has not supported admin logins on binary ports for 4 years, and even back then only on the first binary port.
from cloud-server.
See this line. This is something you didn't changed from the original kernel library source.
Cheers,
from cloud-server.
> telnet localhost 8081 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. This is a testing server. Please type a name: admin Logged in as admin. Unfortunately the system is not available yet.
I will check again, but this is very strange...
from cloud-server.
But the admin user to be logged-in is expected from the first telnet port, right?
from cloud-server.
See this line. This is something you didn't changed from the original kernel library source.
I'm afraid I did change it. It applies to the first telnet port, not to the first binary port. How you manage to get an admin login on the second binary port is a mystery to me.
from cloud-server.
What with the confusion about the name ("kernel library" instead of "cloud library"), malformed condition checks that don't exist and documentation that may be so wrong that it's in the wrong repository, this has been a very unproductive issue.
It also cannot be reproduced and it seems to no longer be of interest. Closing.
from cloud-server.
Related Issues (3)
- How to add cloudlib users HOT 1
- Keeping cloudlib up to date HOT 14
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cloud-server.