Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 16 Aug 2010 12:05:13 +0100
From: Tim Brown <timb@...-dimension.org.uk>
To: oss-security@...ts.openwall.com
Subject: Minor security flaw with pam_xauth

Here's another bug where privileged code isn't checking the return value from 
setuid():

http://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663

I don't think this needs a CVE as I haven't found a useful way to exploit it 
but maybe someone on here will spot something I've missed.  Either way, I 
would have thought it should be fixed.

Tim

PS Is it just me or does "I fail to see how RLIMIT_NPROC should have any affect 
on setuid." in the comments a touch disconcerting given that it's from the PAM 
maintainer?
-- 
Tim Brown
<mailto:timb@...-dimension.org.uk>
<http://www.nth-dimension.org.uk/>

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ