Package: libpam-modules
Version: 0.99.7.1-4
Severity: grave
Tags: security
Justification: user security hole

Hi,

According to the documentation, this line in group.conf should add the group floppy to the user "us":

"xsh;tty*&!ttyp*;us;Al0000-2400;floppy".

But this line gives all the "us*" users the floppy group.

After looking at the source code, it seems the match is only done on the
length of the username given in group.conf, so only the start of the
name is checked.

The code for evaluating the expression is also used for the other fields, so
the same bug could happen for the tty or service field.

Note that the code for parsing entries is duplicated from pam_time (and maybe
other modules), which may have the same issue.

(note that pam_time already has a parsing bug, #326407)

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-1-686 (SMP w/2 CPU cores)
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/dash

Versions of packages libpam-modules depends on:
ii  libc6                        2.6.1-5     GNU C Library: Shared libraries
ii  libcap1                      1:1.10-14   support for getting/setting POSIX.
ii  libdb4.6                     4.6.19-1    Berkeley v4.6 Database Libraries [
ii  libpam0g                     0.99.7.1-4  Pluggable Authentication Modules l
ii  libselinux1                  2.0.15-2+b1 SELinux shared libraries

libpam-modules recommends no packages.

-- no debconf information
