Date: Mon, 16 Aug 2010 12:05:13 +0100
From: Tim Brown <timb@...-dimension.org.uk>
To: oss-security@...ts.openwall.com
Subject: Minor security flaw with pam_xauth

Here's another bug where privileged code isn't checking the return value from setuid():

http://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663

I don't think this needs a CVE as I haven't found a useful way to exploit it but maybe someone on here will spot something I've missed. Either way, I would have thought it should be fixed.

Tim

PS Is it just me or is "I fail to see how RLIMIT_NPROC should have any affect on setuid." in the comments a touch disconcerting given that it's from the PAM maintainer?

--
Tim Brown
<mailto:timb@...-dimension.org.uk>
<http://www.nth-dimension.org.uk/>
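A privilege drop that treats a failed setuid() as fatal, shown as an added example; it is not pam_xauth's code and not part of the original message. The helper name drop_to_uid and the demo in main() are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently switch the process to `uid`.
 * Returns 0 on success, -1 if the switch failed or did not take
 * full effect. The caller must treat -1 as fatal and must not go on
 * to do the work that was meant to run unprivileged. */
int drop_to_uid(uid_t uid)
{
    /* setuid() can fail (EPERM, EAGAIN, ...). If the result is
     * ignored, the code that follows keeps running with the old,
     * possibly root, identity. */
    if (setuid(uid) != 0) {
        fprintf(stderr, "setuid(%lu): %s\n",
                (unsigned long)uid, strerror(errno));
        return -1;
    }

    /* Confirm the change instead of trusting the return value alone. */
    if (getuid() != uid || geteuid() != uid) {
        fprintf(stderr, "uid is %lu/%lu after setuid(%lu)\n",
                (unsigned long)getuid(), (unsigned long)geteuid(),
                (unsigned long)uid);
        return -1;
    }

    /* A non-root target must not be able to get root back. */
    if (uid != 0 && setuid(0) == 0) {
        fprintf(stderr, "root was regained after the drop\n");
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed demo: "drop" to the current real uid, which works
     * with or without root, and fail closed otherwise. */
    if (drop_to_uid(getuid()) != 0)
        _exit(1);
    printf("running as uid %lu\n", (unsigned long)getuid());
    return 0;
}
```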