Bugtraq mailing list archives

pam limits drops privileges

From: Tarhon-Onu Victor <mituc () iasi rdsnet ro>
Date: Thu, 6 Sep 2001 00:37:52 +0300 (EEST)


        Tested with: RedHat Linux
                pam-0.74-22, pam-0.75-7, util-linux-2.10s,
                util-linux-2.10s-12, in any combination.
        Posted on: Bugzilla and Pam-Bugs.
        Distribution dependent: dunno, but I think it's a pam bug.

        Problem description: If there are any limits set for a group of
users then those users, logging in by any method using /bin/login (console
login, telnet, etc) can get privileges of the last user last logged in
via ssh (we're using openssh).
        How to reproduce:
        # groupadd testgroup
        # useradd testuser -g testgroup
        # echo '@testgroup  -  maxlogins  2'
        ssh (let's say) as root into your box, then telnet into it and
login as testuser... and enjoy.

        I think this is a big problem because It's difficult to manage a

200 users system without group/user limits.


-- 
Tarhon-Onu Victor
Network and System Engineer
RDS Iasi - Network Operations Center
Phone: +40-32-218385

Current thread:

pam limits drops privileges Tarhon-Onu Victor (Sep 05)
- Re: pam limits drops privileges Chris Adams (Sep 06)
- <Possible follow-ups>
- Re: pam limits drops privileges Lukasz Trabinski (Sep 07)
  - Re: pam limits drops privileges Tarhon-Onu Victor (Sep 07)
- Re: pam limits drops privileges Lukasz Trabinski (Sep 09)