Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 16 Aug 2010 12:05:13 +0100
From: Tim Brown <timb@...-dimension.org.uk>
To: oss-security@...ts.openwall.com
Subject: Minor security flaw with pam_xauth

Here's another bug where privileged code isn't checking the return value from 
setuid():

http://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663

I don't think this needs a CVE as I haven't found a useful way to exploit it 
but maybe someone on here will spot something I've missed.  Either way, I 
would have thought it should be fixed.

Tim

PS Is it just me or does "I fail to see how RLIMIT_NPROC should have any affect 
on setuid." in the comments a touch disconcerting given that it's from the PAM 
maintainer?
-- 
Tim Brown
<mailto:timb@...-dimension.org.uk>
<http://www.nth-dimension.org.uk/>

Download attachment "signature.asc " of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.