pam_unix: reject unix_update(8) running on different unprivileged user - pam.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Christian Göttsche <cgzones@googlemail.com>	2024-01-04 18:23:57 +0100
committer	Dmitry V. Levin <ldv@strace.io>	2024-01-15 20:01:23 +0000
commit	b23d337b86488d23b2f77fc71a5de30348af671d (patch)
tree	bfb4962eb53e21b4da5fcf24c0fb30ed30eacd80 /modules/pam_unix/unix_chkpwd.c
parent	b430e2d1c93414cb14e9a3557ac895e864138497 (diff)
download	pam-b23d337b86488d23b2f77fc71a5de30348af671d.tar.gz pam-b23d337b86488d23b2f77fc71a5de30348af671d.tar.bz2 pam-b23d337b86488d23b2f77fc71a5de30348af671d.zip

pam_unix: reject unix_update(8) running on different unprivileged user

In case unix_update(8) is installed as a setuid binary, which Fedora and Debian does not do, prevent unprivileged users to probe (and eventually change) passwords of other users (including root).

Diffstat (limited to 'modules/pam_unix/unix_chkpwd.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: