[22538] in bugtraq
pam limits drops privileges
daemon@ATHENA.MIT.EDU (Tarhon-Onu Victor)
Wed Sep 5 18:47:38 2001
Date: Thu, 6 Sep 2001 00:37:52 +0300 (EEST)
From: Tarhon-Onu Victor <mituc@iasi.rdsnet.ro>
To: <bugtraq@securityfocus.com>
Message-ID: <Pine.LNX.4.33.0109052356560.13610-100000@blackblue.iasi.rdsnet.ro>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Tested with: RedHat Linux
pam-0.74-22, pam-0.75-7, util-linux-2.10s,
util-linux-2.10s-12, in any combination.
Posted on: Bugzilla and Pam-Bugs.
Distribution dependent: dunno, but I think it's a pam bug.
Problem description: If there are any limits set for a group of
users then those users, logging in by any method using /bin/login (console
login, telnet, etc) can get privileges of the last user last logged in
via ssh (we're using openssh).
How to reproduce:
# groupadd testgroup
# useradd testuser -g testgroup
# echo '@testgroup - maxlogins 2'
ssh (let's say) as root into your box, then telnet into it and
login as testuser... and enjoy.
I think this is a big problem because It's difficult to manage a
>200 users system without group/user limits.
--
Tarhon-Onu Victor
Network and System Engineer
RDS Iasi - Network Operations Center
Phone: +40-32-218385
