Potential high risk for readonly/operator users on BMC console access

Thang Nguyen OS thang at amperemail.onmicrosoft.com
Mon Nov 21 21:17:26 AEDT 2022


Hi,
I would like to have your comments on the issue below, which we think is a high-risk security issue. The description is as follows:

Any user (read-only, operator, administrator), when created, has BMC console access/login by default. He can log in to the BMC via the BMC console and do the following actions:
- Write to his /home/<user> folder until it is full. This will make the RootFS full, and no more operations can be done unless we do A/C power and reflash the BMC from u-boot.
- Write to the /tmp folder until it is full, which will make many applications fail to work.
This is fine for an administrator, as he should have full privileges. However, readonly/operator users should not have console access. Whether he crashes the BMC by mistake or intentionally, we should prevent this from happening.
It is known that many production systems do not support the BMC console, but there is still some support, and some companies allow remote access via KVM or a console server. I think we should disable shell login for normal users (readonly and operator) by default.

Thanks,
Thang Q. Nguyen -
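
One way to check a running image for the condition described in the message above: list every non-administrator account that still has a login shell. This is an added example, not part of the original post and not OpenBMC code. The group name `priv-admin`, the function names and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not OpenBMC code. Assumption: roles are recorded as group
# membership in /etc/group and the administrator group is "priv-admin".
ADMIN_GROUP="${ADMIN_GROUP:-priv-admin}"

# audit_shell_users PASSWD_FILE GROUP_FILE
# Prints "user shell" for every non-root account outside the admin group
# whose login shell still allows an interactive session.
audit_shell_users() {
    awk -F: -v admin="$ADMIN_GROUP" '
        BEGIN { admin_gid = -1 }
        FILENAME == ARGV[1] {            # group file: name:pw:gid:members
            if ($1 == admin) {
                admin_gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++) is_admin[m[i]] = 1
            }
            next
        }
        {                                # passwd: name:pw:uid:gid:gecos:home:shell
            if ($3 == 0) next            # root is out of scope
            if (($1 in is_admin) || $4 == admin_gid) next
            shell = ($7 == "") ? "/bin/sh" : $7   # empty field means /bin/sh
            if (shell ~ /\/(nologin|false)$/) next
            print $1, shell
        }
    ' "$2" "$1"
}

# make_sample DIR: write constructed passwd/group files for a dry run.
make_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/home/root:/bin/sh
admin1:x:1000:100::/home/admin1:/bin/sh
oper1:x:1001:100::/home/oper1:/bin/sh
view1:x:1002:100::/home/view1:/bin/sh
view2:x:1003:100::/home/view2:/sbin/nologin
EOF
    cat > "$1/group" <<'EOF'
users:x:100:
priv-admin:x:1005:admin1
priv-operator:x:1006:oper1
priv-user:x:1007:view1,view2
EOF
}

if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d) && make_sample "$d"
    audit_shell_users "$d/passwd" "$d/group"
    rm -rf "$d"
fi
```

On a live system, call `audit_shell_users /etc/passwd /etc/group`; any line it prints is an account that can still reach a shell and write to /home/<user> or /tmp.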

