PAM authentication bug?
John Gumb
john.gumb at tandberg.net
Sat Sep 1 17:39:43 PDT 2007
Folks
Looks like there's a bug in loginutils/login.c if PAM authentication is
enabled.
Symptoms are that if a valid username is entered with an incorrect
password then the user is allowed to log in.
The problem is that if PAM authentication fails, the code just goes on to do a
getpwnam(username), which will succeed so long as the username is valid.
In the authentication failure case we need to goto auth_failed.
--- loginutils/login.c.orig 2007-09-02 00:50:09.000000000 +0100
+++ loginutils/login.c 2007-09-02 00:50:58.000000000 +0100
@@ -324,6 +324,11 @@
}
safe_strncpy(username, pamuser,
sizeof(username));
}
+ else
+ {
+ goto auth_failed;
+ }
+
/* If we get here, the user was authenticated, and is
* granted access. */
pw = getpwnam(username);
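Review bot: The added `else { goto auth_failed; }` covers only the failure branch of the single `if` whose closing brace sits just above it. The hunk's context shows neither that condition nor the inner block that ends at the first `}`, so please confirm that every PAM step before this point, not just the one tested by that `if`, reaches `auth_failed` on error. A fail-closed layout would be sturdier: check for failure first and jump (`if (<pam call> != PAM_SUCCESS) goto auth_failed;`), so that the "If we get here, the user was authenticated" comment and `getpwnam(username)` can only be reached after success and a later edit between the two cannot reintroduce the fall-through. As a style point, a lone `goto` does not need its own braced block spread over four lines.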
seems to fix it.
cheers
John