[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PAM authentication patch - v2

From: Brian Murphy
Subject: Re: PAM authentication patch - v2
Date: Tue, 01 Jul 2003 17:18:40 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030529

Steve McIntyre wrote:

Cool patch - I see you've spent a lot more effort on the docs than I


did in mine (most recent against 1.12.1 attached for reference). Just
one point that worries me - you only hardcode the pam service name if
specifically configured that way, otherwise you just use the
program_name. This is very dangerous and is specifically warned
against in the PAM documentation I've read. If a user can sym-link to
your CVS binary and use another name (easily done), they then get the
option of using whichever PAM config they want. That's a security hole
waiting to happen!

Not really (a security hole). That is as long as you don't suid/sgid your cvs
binary. If you do then you need to force the service name to something.
If you don't then the only way of exploiting the security hole is to be
the root user and root can do anything anyway. The cvs documentation
explicitly states the use of CVS in suid mode is unsupported and evil
(perhaps I extrapolate a little ;-)). Hence no problem.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]