[Bug 2399] New: openssh server should fatal out when pam_setcred and pam_open_session fail

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri May 15 08:47:19 AEST 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2399

            Bug ID: 2399
           Summary: openssh server should fatal out when pam_setcred and
                    pam_open_session fail
           Product: Portable OpenSSH
           Version: 6.8p1
          Hardware: Sparc
                OS: Solaris
            Status: NEW
          Severity: normal
          Priority: P5
         Component: PAM support
          Assignee: unassigned-bugs at mindrot.org
          Reporter: huieying.lee at oracle.com

Created attachment 2621
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2621&action=edit
bug fix to correctly handle pam_setcred and pam_open_session failure

Currently, when the system has a PAM module configured for the auth PAM
stack that does not actually exist, OpenSSH still allows a user to log
in, if user authentication method is not keyboard-interactive or
password.

For example, in /etc/pam.d/other:

auth required           pam_dhkeys.so.1
auth required           pam_do_not_exist.so.1  <----------- bad
auth binding            pam_unix_auth.so.1 server_policy 


In the above situation, pam_setcred() does return an error, but
server only give a warning and still allow a user to log in if he/she
doesn't use keyboard-interacitve user auth. 

This is not an expected behavior.  OpenSSH server should be changed to
exit out when pam_setcred() or pam_open_session() fail.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list