Re: PAM exec patch to allow PAM_AUTHTOK to be exported.



Dag-Erling Smørgrav wrote, On 05/20/07 19:10:
> "Zane C.B." <v.velox@xxxxxxxxxx> writes:
>> Dag-Erling Smørgrav <des@xxxxxx> writes:
>>> Your patch opens a gaping security hole. Sensitive information
>>> should never be placed in the environment.
>> Unless I am missing something, this is only dangerous if one is doing
>> something stupid with whatever is being executed by pam_exec.
>
> Environment variables may be visible to other processes and users
> through e.g. /proc.

Much sensitive information can be accessible via /dev/kmem, but the default mode of the device doesn't allow regular user access.

We trust the responsible administrator not to load the mem.ko module and change the mode/ownership of /dev/kmem in a way that opens a hole.

So we shall trust the same administrator not to load procfs.ko and mount /proc, creating the security hole this way.

Please note I agree with the conclusion - the offered patch shall be rejected. I disagree with the explanation only. It's not as simple as presented.


Dan



--
Dan Lukes SISAL MFF UK
AKA: dan at obluda.cz, dan at freebsd.cz, dan at (kolej.)mff.cuni.cz

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"


