[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Linux UID/GID 'Feature'



I was wondering if the PAM "people" had been made aware of this.  Seems like
a bug in pwdb to me.

>Approved-By: aleph1@UNDERGROUND.ORG
>Date: 	Sun, 11 May 1997 13:39:21 -0400
>Reply-To: Jon Lewis <jlewis@INORGANIC5.FDT.NET>
>Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
>From: Jon Lewis <jlewis@INORGANIC5.FDT.NET>
>Subject:      Re: Linux UID/GID 'Feature'
>X-To:         David Phillips <phillips@PCISYS.NET>
>X-cc:         linux-security@redhat.com
>To: BUGTRAQ@NETSPACE.ORG
>
>On Sat, 10 May 1997, David Phillips wrote:
>
>> While trying to make a user entry in the /etc/passwd file unrecognized
>> so I could demonstrate the use of valid UIDs, I placed a # in front of
the UID.
>> My theory was that this would make it an invalid number and cause Linux
>> to give an authentication failure.  (This worked as expect on SunOS 4.1.4)
>> But then we tried to su to that user and were rewarded by being dumped
>> to UID 0.  It didn't recognize the UID so it defaulted to 0.  Cool huh?
>>
>> He also noted that it works the same for GID.  We have not taken the time
>> to research the problem fully but have tested it on Red Hat 4.1
(2.0.27/2.0.30).
>
>This looks like Red Hat PAM breakage.  I verified it works (gives root) on
>my Red Hat 4.1 box, but it does not on any of my Slackware based boxes
>that are shadow upgraded.
>
>
>------------------------------------------------------------------
> Jon Lewis <jlewis@fdt.net>  |  Unsolicited commercial e-mail will
> Network Administrator       |  be proof-read for $199/hr.
>________Finger jlewis@inorganic5.fdt.net for PGP public key_______
>
>
--
- Oliver Jones -- orj@ihug.co.nz - Manager / Deeper Design -



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []