diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | modules/pam_limits/pam_limits.c | 18 | ||||
| -rw-r--r-- | modules/pam_loginuid/pam_loginuid.c | 3 |
3 files changed, 22 insertions, 5 deletions
@@ -1,5 +1,11 @@ 2007-06-22 Thorsten Kukuk <kukuk@thkukuk.de> + * modules/pam_loginuid/pam_loginuid.c (set_loginuid): Print + better error message if /proc/self/loginuid cannot be opened. + + * modules/pam_limits/pam_limits.c (process_limit): Check for + variable overflow after multiplication [bnc#283001]. + * modules/pam_access/pam_access.c: Add new syntax for groups in access.conf to differentiate group names from account names. Based on patch from Julien Lecomte <julien@famille-lecomte.net>, diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index f9a91164..bf6f09df 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -374,8 +374,13 @@ process_limit (const pam_handle_t *pamh, int source, const char *lim_type, switch(limit_item) { case RLIMIT_CPU: - if (rlimit_value != RLIM_INFINITY) - rlimit_value *= 60; + if (rlimit_value != RLIM_INFINITY) + { + if (rlimit_value >= RLIM_INFINITY/60) + rlimit_value = RLIM_INFINITY; + else + rlimit_value *= 60; + } break; case RLIMIT_FSIZE: case RLIMIT_DATA: @@ -385,7 +390,12 @@ process_limit (const pam_handle_t *pamh, int source, const char *lim_type, case RLIMIT_MEMLOCK: case RLIMIT_AS: if (rlimit_value != RLIM_INFINITY) - rlimit_value *= 1024; + { + if (rlimit_value >= RLIM_INFINITY/1024) + rlimit_value = RLIM_INFINITY; + else + rlimit_value *= 1024; + } break; #ifdef RLIMIT_NICE case RLIMIT_NICE: @@ -674,7 +684,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, out: globfree(&globbuf); - if (retval != PAM_SUCCESS) + if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_WARNING, "error parsing the configuration file: '%s' ",CONF_FILE); return retval; diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c index 3e9b4779..13509e7e 100644 --- a/modules/pam_loginuid/pam_loginuid.c +++ b/modules/pam_loginuid/pam_loginuid.c @@ -58,7 +58,8 @@ static int set_loginuid(pam_handle_t *pamh, uid_t uid) if (fd < 0) { if (errno != ENOENT) { rc = 1; - pam_syslog(pamh, LOG_ERR, "set_loginuid failed opening loginuid"); + pam_syslog(pamh, LOG_ERR, + "Cannot open /proc/self/loginuid: %m"); } return rc; } |