[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Wheel module with trust doesn't work (?)



It's a known bug in libpwdb.
Its implementation of getgrnam() or getgrgid() returns
corrupted strings.
I posted the description of the bug and a patch at Dec 27
to the mailing list.
My copy of the message has stamp "<pam-list@redhat.com> archive/latest/2705".

IMHO the problem of the original author is unrelated to this bug.

Regards
					Andrey V.
					Savochkin

On Thu, Mar 12, 1998 at 09:38:04PM -0600, Chris Adams wrote:
> 
> I don't know about your problem, but I have another problem with the
> wheel module.  I put this line at the top of the standard /etc/pam.d/su:
> 
> auth       required     /lib/security/pam_wheel.so group=wheel
> 
> I wanted to use a group other than root.  What I found was that when
> pam_wheel.so did the group lookup, it opened and read /etc/group itself
> (instead of checking the group perms of the running process like the
> shadow version of su does).  There is a bug somewhere in the reading,
> and the username at the end of the line is garbled (I think the last
> character was chopped or a space added; it has been a while since I
> looked).  The work around is to put something like this in /etc/group:
> 
> wheel::10:root,cadams,lon,npugh,root
> 
> Just always leave root at the end of the line.
> 
> Anyway, I think pam_wheel.so has several problems.  I started to look at
> it some several months ago, right after Red Hat 4.9.1 (the beta) was
> released and I noticed the above problem, but I have not had time since.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []