[22560] in bugtraq
Re: pam limits drops privileges
daemon@ATHENA.MIT.EDU (Tarhon-Onu Victor)
Fri Sep 7 12:23:28 2001
Date: Thu, 6 Sep 2001 16:39:42 +0300 (EEST)
From: Tarhon-Onu Victor <mituc@iasi.rdsnet.ro>
To: Lukasz Trabinski <lukasz@lt.wsisiz.edu.pl>
Cc: <bugtraq@securityfocus.com>
In-Reply-To: <Pine.LNX.4.33.0109061018020.1365-100000@lt.wsisiz.edu.pl>
Message-ID: <Pine.LNX.4.33.0109061627310.19327-100000@blackblue.iasi.rdsnet.ro>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Thu, 6 Sep 2001, Lukasz Trabinski wrote:
> Password:
> Too many logins for 'test'.
First of all kill all the processes owned by test. Then let's make
it step by step:
# groupadd testgroup
# useradd -g testgroup testuser
# echo '@testgroup - maxlogins 3'>>/etc/security/limits.conf
# ssh pulea@localhost
pulea@localhost's password:
Last login: Thu Sep 6 16:30:16 2001 from localhost.localdomain
blackblue (pulea):~>telnet 0 -l testuser
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
Password:
Last login: Thu Sep 6 16:32:33 from localhost.localdomain
blackblue (pulea):~>id
uid=504(pulea) gid=100(users) groups=508(testgroup)
blackblue (pulea):~>id testuser
uid=508(testuser) gid=508(testgroup) groups=508(testgroup)
Syslog messages:
Sep 6 16:33:30 blackblue pam_limits[19558]: checking if testuser is in
group testgroup
Sep 6 16:33:30 blackblue -- testuser[19558]: LOGIN ON pts/1 BY pulea
FROM localhost.localdomain
You will obtain same results (logging in as testuser you will get
pulea's shell) logging from console as testuser.
--
Tarhon-Onu Victor
Network and System Engineer
RDS Iasi - Network Operations Center
Phone: +40-32-218385
