Bug 2399 - openssh server should fatal out when pam_setcred and pam_open_session fail
Summary: openssh server should fatal out when pam_setcred and pam_open_session fail
Status: NEW
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: PAM support
Version: 6.8p1
Hardware: SPARC Solaris
Importance: P5 normal
Assignee: Assigned to nobody
Reported: 2015-05-15 08:47 AEST by huieying.lee
Modified: 2015-05-15 13:46 AEST

Attachments
bug fix to correctly handle pam_setcred and pam_open_session failure (1.22 KB, patch)
2015-05-15 08:47 AEST, huieying.lee

Description huieying.lee 2015-05-15 08:47:19 AEST
Created attachment 2621
bug fix to correctly handle pam_setcred and pam_open_session failure

Currently, when the system has a PAM module configured for the auth PAM stack that does not actually exist, OpenSSH still allows a user to log in if the user authentication method is not keyboard-interactive or password.

For example, in /etc/pam.d/other:

auth required           pam_dhkeys.so.1
auth required           pam_do_not_exist.so.1  <----------- bad
auth binding            pam_unix_auth.so.1 server_policy 


In the above situation, pam_setcred() does return an error, but the server only gives a warning and still allows a user to log in if he/she doesn't use keyboard-interactive user auth.

This is not an expected behavior.  OpenSSH server should be changed to exit out when pam_setcred() or pam_open_session() fail.
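An added check, not part of this bug report or of OpenSSH, for the misconfiguration the report describes: a POSIX shell audit that lists every module referenced in a pam.d directory whose file cannot be found, so a dangling entry like pam_do_not_exist.so.1 is caught before it turns into a silently ignored pam_setcred() failure. The module directory argument and the three-field "type control module" pam.d line format are assumptions; the single-file Solaris pam.conf format (with a leading service field) is not parsed.

```shell
#!/bin/sh
# Print "<file>: <module>" for each module referenced in <pamdir>/* that is
# not found, either as an absolute path or relative to <moddir>.
list_missing_pam_modules() {
    pamdir=$1; moddir=$2
    for f in "$pamdir"/*; do
        [ -f "$f" ] || continue
        awk '
            { sub(/#.*/, "") }   # drop comments
            NF < 3 { next }      # blank lines, @include, etc.
            {
                i = 2
                # the control field may be bracketed: [success=1 default=ignore]
                if ($i ~ /^\[/) while (i < NF && $i !~ /\]$/) i++
                if ($i == "include" || $i == "substack") next
                print $(i + 1)   # the module path follows the control field
            }' "$f" |
        while read -r mod; do
            case $mod in
                /*) path=$mod ;;
                *)  path=$moddir/$mod ;;
            esac
            [ -e "$path" ] || echo "$(basename "$f"): $mod"
        done
    done
}

# Exit status 1 if any referenced module is missing (usable from cron or CI),
# e.g. check_pam_modules /etc/pam.d /usr/lib/security (module dir is assumed).
check_pam_modules() {
    out=$(list_missing_pam_modules "$1" "$2")
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Constructed sample tree reproducing the /etc/pam.d/other stack from the
# report; pam_do_not_exist.so.1 is deliberately absent from the module dir.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/pam.d" "$d/modules"
    cat > "$d/pam.d/other" <<'EOF'
auth required           pam_dhkeys.so.1
auth required           pam_do_not_exist.so.1
auth binding            pam_unix_auth.so.1 server_policy
EOF
    touch "$d/modules/pam_dhkeys.so.1" "$d/modules/pam_unix_auth.so.1"
    printf '%s\n' "$d"
}
```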