[22818] in bugtraq
Re: pam_limits.so Bug!!
daemon@ATHENA.MIT.EDU (Solar Designer)
Tue Oct 9 11:08:13 2001
Date: Tue, 9 Oct 2001 09:10:27 +0400
From: Solar Designer <solar@openwall.com>
To: Devrim SERAL <devrim.seral@gantek.com>
Cc: bugtraq@securityfocus.com
Message-ID: <20011009091027.A1267@openwall.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3BC1AFB9.3FF88F86@gantek.com>; from devrim.seral@gantek.com on Mon, Oct 08, 2001 at 04:52:57PM +0300
On Mon, Oct 08, 2001 at 04:52:57PM +0300, Devrim SERAL wrote:
Several people(*) have contributed to investigating this issue during
the past month. It is an util-linux login bug, not a pam_limits one.
You should expect a fixed util-linux package soon.
(*) Nalin Dahyabhai, Andreas Hasenack, Rafal Wojtczuk, Olaf Kirch, and
me.
Openwall GNU/*/Linux is not affected and never was. We don't use that
login. :-)
> Devrim SERAL wrote:
> >
> > Hi ,
> >
> > Today i found some interesting bug when i tried to use pam_limits.so in
> > login pam configuration.
> >
> > Today one of my user warn me that when he log on the our Linux server he
> > gain
> > my rights. Firstly i think someone break our system. But when i checked
> > all logs
> > i didn't found any break sign.
> >
> > Then i think xinetd or in.telnetd have some bug. I checked all updates
> > from redhat and
> > found that we are on lastest patch level at all packets..
> >
> > Next i have disable telnetd from xinetd to all Lan and only permit to
> > access from my IP number. And check all possibility.
> >
> > Finally i found that only student groups member gain console or pts/0
> > rights..
> > And i remember at weekend i have changed /etc/security/limits.conf for
> > limit our student
> > maxlogin count to two.
> >
> > Only i added below line to this file:
> > @student hard maxlogins 2
> >
> > And also added below line to pam configuration of login:
> > session required pam_limits.so
> >
> > When i comment pam_limits.so related line the problem solved..
> >
> > I wonder that if its related only for our server or pam module specific?
> >
> > devrim
> >
> > Note: The server run on Redhat 7.1 Kernel 2.4.10 and all packets at
> > lastest patch level.
--
/sd
