On Thu, 30 Aug 2012, Thorsten Glaser wrote:
> I’m hereby seeking pre-upload approval for new uploads (not new
[…]
> • fusionforge_5.2~rc1wheezy1.debdiff
The diff attached will also need to be added to this upload
for security reasons. I found out today that deleted users
can still log in via SSH using their old pre-deletion password
(not with SSH pubkey auth, though, and they cannot do “much”,
but it’s still a security risk).
bye,
//mirabilos
--
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-314
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Boris Esser, Sebastian Mancke
Index: debian/changelog
===================================================================
--- debian/changelog (revision 16198)
+++ debian/changelog (working copy)
@@ -11,8 +11,9 @@
* Check image upload is enabled before trying to do so (Closes: #679521)
* Unbreak and silence the MediaWiki nightly dump cronjob (Closes: #680165)
* Remove minified ECMAscript and binary *.jar from the source
+ * SECURITY: Upon user deletion, remove their Unix account as well
- -- Thorsten Glaser <[email protected]> Thu, 30 Aug 2012 11:06:02 +0200
+ -- Thorsten Glaser <[email protected]> Mon, 03 Sep 2012 11:55:51 +0200
fusionforge (5.2~rc1-5) unstable; urgency=low
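Review bot: the changelog line "SECURITY: Upon user deletion, remove their Unix account as well" only describes the code change in User.class.php; it should also say that the new db/20120903-no-unix-account-for-deleted-users.sql migration is needed to clean up accounts that were already deleted before this version, since the PHP fix alone only affects future deletions and leaves existing deleted users able to log in with their old password.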
Index: db/20120903-no-unix-account-for-deleted-users.sql
===================================================================
--- db/20120903-no-unix-account-for-deleted-users.sql (revision 0)
+++ db/20120903-no-unix-account-for-deleted-users.sql (revision 0)
@@ -0,0 +1 @@
+UPDATE users SET unix_status='D' WHERE status!='A';
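Review bot: the WHERE clause `status!='A'` is broader than the file name ("no-unix-account-for-deleted-users") and the PHP change suggest: it disables the Unix account for every user whose status is anything other than active, not only those with status 'D'. If that is intended (no non-active user should ever have a working Unix account), a comment in the SQL saying so would help; otherwise match the code path and use `WHERE status='D'`. Note also that rows with a NULL status are not matched by `!='A'`, so if such rows can exist they would keep their Unix account.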
Index: common/include/User.class.php
===================================================================
--- common/include/User.class.php (revision 16198)
+++ common/include/User.class.php (working copy)
@@ -502,6 +502,7 @@
plugin_hook("user_delete", $hook_params);
$this->setStatus('D');
+ $this->setUnixStatus('D');
db_commit();
}
return true;
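Review bot: the result of `$this->setUnixStatus('D');` is discarded, so if it fails the transaction still commits with status 'D' but the Unix account untouched, which is exactly the state this change is meant to eliminate. Checking the return value and rolling back (or at least logging) before `db_commit();` would make the fix reliable; the same applies to the existing `$this->setStatus('D');` call above it. It would also be worth stating, in the commit message or a comment, that a unix_status of 'D' is what the SSH/NSS side honours to reject password logins, since that is the assumption the whole fix rests on.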