[Bug 228] New: pam_krb5 on Solaris creates credentials with wrong owner
bugzilla-daemon at mindrot.org
Fri Apr 26 20:34:30 EST 2002
http://bugzilla.mindrot.org/show_bug.cgi?id=228
Summary: pam_krb5 on Solaris creates credentials with wrong owner
Product: Portable OpenSSH
Version: 3.1p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: gunnar at Astrogator.SE
pam_setcred() is called before the UID is set to the user's own, and pam_krb5 on Solaris sets the owner of the /tmp/krb5cc_xxx file to root.
The pam_krb5 module should really check this, but it does not, and a simple workaround is to move the setcred call to after the UID setting.
*** session.c-ORG Mon Feb 25 16:48:03 2002
--- session.c Mon Apr 22 03:48:01 2002
***************
*** 1135,1140 ****
--- 1135,1145 ----
exit(1);
}
endgrent();
+ # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
+ irix_setusercontext(pw);
+ # endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
+ /* Permanently switch to the desired uid. */
+ permanently_set_uid(pw);
# ifdef USE_PAM
/*
* PAM credentials may take the form of supplementary groups.
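Review bot: With permanently_set_uid(pw) now placed ahead of the `# ifdef USE_PAM` block, do_pam_setcred(0) runs without privilege, yet the retained comment says PAM credentials may take the form of supplementary groups; a module that establishes groups or other credentials needing root would no longer be able to do so. Consider keeping the call before the uid switch and correcting the owner of the credential file instead, or state in the comment that setcred now runs as the target user and what that rules out.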
***************
*** 1143,1153 ****
*/
do_pam_setcred(0);
# endif /* USE_PAM */
- # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
- irix_setusercontext(pw);
- # endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
- /* Permanently switch to the desired uid. */
- permanently_set_uid(pw);
#endif
}
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
--- 1148,1153 ----
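Review bot: Removing the uid switch from after `# endif /* USE_PAM */` changes the ordering for every USE_PAM build, while the report describes the problem only for pam_krb5 on Solaris. Either restrict the reordering to the affected platform or explain in the patch why the new order is safe for the other PAM configurations this code path serves.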