[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_unix_auth cleanup: NIS+ issues


On Thu, Jun 10, explode@lst.de wrote:

> On Wed, 09 Jun 1999 17:07:37 +0200, Thorsten Kukuk wrote:
> > It is necessary, or you couldn't get the password if you set up
> > the NIS+ passwd table in a secure way.
> IMHO it isn't necessary in the sense of `required by the protocol'.

That is correct.

> To me, this appears to be an implementation issue in the RPC library,
> where the auth_des client code picks the netname based on the 
> current process' effective uid. The problem can be avoided if
> the authdes client is given a function by which PAM can tell it what
> netname to use.

Who should be allowed to tell authdes which netname to use ? If you
are not carefull with this, everybody could use the key of another
person who is logged in or doesn't run keylogout.

> That's not the only problem with NIS+ though: In order for the client to
> authenticate itself with the NIS+ server, it needs to establish the user's
> secure rpc key first, and push it to the local keyserv where it's added
> to the cache. In other words, the user is half-way logged in before
> we can even check his password. And there's no way we can remove the
> private key from keyserv's cache again because we don't know whether we
> are the only session or not.

At first, we could ask if a key is set. If not, set it and do the
authentication. If this failed, we could remove (overwrite) it.

> To summarize, the auth_des client code needs a shortcut function
> by which PAM and others can pass it a netname and secret key.

I think it is much more secure to allow only a process with the
uid of the user/netname to set and use a secret key then to
allow it everybody.


Thorsten Kukuk      http://www.suse.de/~kukuk/        kukuk@suse.de
SuSE GmbH           Schanzaeckerstr. 10             90443 Nuernberg
Linux is like a Vorlon.  It is incredibly powerful, gives terse,
cryptic answers and has a lot of things going on in the background.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []