| Summary: | openssh server should fatal out when pam_setcred and pam_open_session fail | | |
|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | huieying.lee |
| Component: | PAM support | Assignee: | Assigned to nobody <unassigned-bugs> |
| Status: | NEW | | |
| Severity: | normal | CC: | dtucker |
| Priority: | P5 | | |
| Version: | 6.8p1 | | |
| Hardware: | SPARC | | |
| OS: | Solaris | | |

Created attachment 2621: bug fix to correctly handle pam_setcred and pam_open_session failure

Currently, when the system has a PAM module configured for the auth PAM stack that does not actually exist, OpenSSH still allows a user to log in, if the user authentication method is not keyboard-interactive or password.

For example, in /etc/pam.d/other:

```
auth required pam_dhkeys.so.1
auth required pam_do_not_exist.so.1 <----------- bad
auth binding pam_unix_auth.so.1 server_policy
```

In the above situation, pam_setcred() does return an error, but the server only gives a warning and still allows a user to log in if he/she doesn't use keyboard-interactive user auth. This is not expected behavior. OpenSSH server should be changed to exit out when pam_setcred() or pam_open_session() fail.
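
A configuration-side check for the condition this report describes, as an added example that is not part of the original report or of OpenSSH: it parses a /etc/pam.d-style stack and lists entries whose module file is absent. The function names, the module search directories and the sample stack are assumptions constructed for illustration; the /etc/pam.conf format (with a leading service field) is not handled.

```python
import os
import re
import tempfile

# Assumed search path for relative module names; adjust per platform.
MODULE_DIRS = ["/usr/lib/security", "/lib/security", "/lib64/security"]

# type, control, module-path. A bracketed control such as
# [success=1 default=ignore] counts as one field. A leading '-' on the
# type (Linux-PAM: do not log a missing module) is still reported here.
LINE_RE = re.compile(
    r"^-?(auth|account|password|session)\s+(\[[^\]]*\]|\S+)\s+(\S+)")

def missing_modules(config_text, module_dirs=MODULE_DIRS):
    """Return (line_number, module) for each entry whose module file is absent."""
    missing = []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        m = LINE_RE.match(line)
        if not m:
            continue  # blank line, comment, or unrecognised directive
        control, module = m.group(2), m.group(3)
        if control in ("include", "substack"):
            continue  # third field names another config file, not a module
        if os.path.isabs(module):
            candidates = [module]
        else:
            candidates = [os.path.join(d, module) for d in module_dirs]
        if not any(os.path.isfile(c) for c in candidates):
            missing.append((lineno, module))
    return missing

# Constructed sample: the auth stack quoted in the report.
SAMPLE = """\
auth required pam_dhkeys.so.1
auth required pam_do_not_exist.so.1
auth binding  pam_unix_auth.so.1 server_policy
"""

def demo():
    """Check SAMPLE against a throwaway directory holding two of the three modules."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("pam_dhkeys.so.1", "pam_unix_auth.so.1"):
            open(os.path.join(d, name), "w").close()
        return missing_modules(SAMPLE, [d])

if __name__ == "__main__":
    for lineno, module in demo():
        print(f"line {lineno}: module not found: {module}")
```

Running such a check over every file in /etc/pam.d catches the broken binding before a login path that skips the auth stack can mask it.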