Linux-PAM 0.81 released

Thorsten Kukuk kukuk at suse.de
Wed Nov 2 08:19:13 UTC 2005


This release fixes only a security issue in the pam_unix module and a
regression in pam_limits introduced with version 0.80.

When SELinux was enabled, the unix_chkpwd helper didn't verify the user
who was executing it, and if SELinux policy didn't prevent it or if
SELinux was running in permissive mode, it would allow brute force
attacks on other users' passwords. The new release adds an additional check
before password verification and logs attempts with a wrong password.

Some user limits set in the limits.conf were applied incorrectly. The
new release fixes the problem.

Dmitry V. Levin,
Sebastien Tricaud,
Thorsten Kukuk,
Tomas Mraz.

-- 
Thorsten Kukuk         http://www.suse.de/~kukuk/      kukuk at suse.de
SUSE LINUX Products GmbH       Maxfeldstr. 5       D-90409 Nuernberg
--------------------------------------------------------------------    
Key fingerprint = A368 676B 5E1B 3E46 CFCE  2D97 F8FD 4E23 56C6 FB4B
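
The kind of caller check the announcement describes, as an added example that is not part of the original message and is not the Linux-PAM source. All function names are hypothetical, and the policy (root may check any account, everyone else only their own, compared by login name) is an assumption.

```c
#include <pwd.h>
#include <string.h>
#include <sys/types.h>
#include <syslog.h>
#include <unistd.h>

/* Policy decision, kept free of system calls so it can be tested.
 * Returns 1 if the caller may have target's password verified.
 * Assumption: root may check any account, others only their own. */
int caller_may_verify(uid_t caller_uid, const char *caller_name,
                      const char *target)
{
    if (target == NULL || *target == '\0')
        return 0;
    if (caller_uid == 0)
        return 1;
    if (caller_name == NULL)      /* caller has no passwd entry: deny */
        return 0;
    return strcmp(caller_name, target) == 0;
}

/* Gate to run before any password comparison. It uses the real UID
 * (getuid), because in a setuid helper the effective UID belongs to
 * the file owner, not to the user who invoked the helper. */
int check_invoking_user(const char *target)
{
    uid_t uid = getuid();
    struct passwd *pw = getpwuid(uid);
    int ok = caller_may_verify(uid, pw ? pw->pw_name : NULL, target);

    if (!ok)
        syslog(LOG_AUTH | LOG_NOTICE,
               "password check for another user refused (uid=%lu)",
               (unsigned long)uid);
    return ok;
}

/* Called when the gate passed but the password did not match, so
 * repeated guessing leaves a trail in the auth log. */
void log_failed_check(const char *target)
{
    syslog(LOG_AUTH | LOG_NOTICE,
           "password check failed for user (%s)", target);
}
```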
