From owner-freebsd-ports Wed Mar 15 17:31:34 2000
Delivered-To: freebsd-ports@freebsd.org
Received: from norn.ca.eu.org (cr965240-b.abtsfd1.bc.wave.home.com [24.113.19.137]) by hub.freebsd.org (Postfix) with ESMTP id 8C4D737B9F4; Wed, 15 Mar 2000 17:31:31 -0800 (PST) (envelope-from cpiazza@norn.ca.eu.org)
Received: by norn.ca.eu.org (Postfix, from userid 1000) id 3A1A419B6; Wed, 15 Mar 2000 17:31:29 -0800 (PST)
Date: Wed, 15 Mar 2000 17:31:29 -0800
From: Chris Piazza
To: FreeBSD Ports
Cc: jedgar@FreeBSD.org, kris@FreeBSD.org
Subject: [SECURITY] Serious problems with the wdm port
Message-ID: <20000315173129.A5272@norn.ca.eu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
X-Operating-System: FreeBSD 5.0-CURRENT i386
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

(kris CC:'d because this is a security problem, jedgar CC:'d because it's
doing weird things and he committed it.)

Hi,

The wdm port was recently upgraded to 1.20. Okay, that's fine. Except if
you enable PAM using USE_PAM it does some pretty weird things.

1. It installs and grabs its PAM information from /etc/pam.d/wdm.
   Uh.. what is that?

2. This is the security problem. By default it uses this for PAM modules:

   #%PAM-1.0
   auth     sufficient /usr/lib/pam_permit.so
   account  sufficient /usr/lib/pam_permit.so
   session  sufficient /usr/lib/pam_permit.so

   Uh... so it allows any password given to work.

The only reason I found this was because the modules I'd listed in
/etc/pam.conf (the RIGHT place) weren't even being used.

-Chris

-- 
cpiazza@jaxon.net  cpiazza@FreeBSD.org
Abbotsford, BC, Canada
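The stanza quoted in the mail is dangerous because a "sufficient" pam_permit.so at the head of the auth and account stacks satisfies the stack before any real password check runs, so any password is accepted. The script below is an added example, not code from the mail or from the wdm port: it audits a pam.d-style directory for exactly that pattern. The directory layout, the file names (wdm, login) and the sane comparison stanza are constructed for the demonstration; the weak stanza is the one quoted above.

```shell
#!/bin/sh
# Added example, not part of the original mail. Scans a pam.d-style directory
# for pam_permit.so used as a "sufficient" auth or account module, the
# misconfiguration reported above for /etc/pam.d/wdm. The sample service
# files created by make_fixture are constructed for the demo.

# pam_permit_audit DIR
#   Prints "file:line: <entry>" for every auth/account line whose control
#   flag is "sufficient" and whose module is pam_permit.so. A sufficient
#   pam_permit.so short-circuits the stack with success, so each hit means
#   that service accepts any credential. Session lines are ignored: a
#   permissive session module is harmless and common.
#   Returns 1 if any hits were found, 0 if the directory is clean.
pam_permit_audit() {
    dir=$1
    found=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        n=0
        while IFS= read -r line || [ -n "$line" ]; do
            n=$((n + 1))
            case $line in
                ''|\#*) continue ;;           # skip blank lines and comments
            esac
            set -- $line                      # fields: type control module [args]
            case "$1" in
                auth|account)
                    case "$2" in
                        sufficient)
                            case "$3" in
                                *pam_permit.so)
                                    printf '%s:%d: %s\n' "$f" "$n" "$line"
                                    found=1 ;;
                            esac ;;
                    esac ;;
            esac
        done < "$f"
    done
    return $found
}

# make_fixture
#   Creates a temporary pam.d directory holding the weak wdm stanza quoted in
#   the mail plus a constructed sane "login" stanza, and prints its path.
make_fixture() {
    d=$(mktemp -d) || return 1
    cat > "$d/wdm" <<'EOF'
#%PAM-1.0
auth     sufficient /usr/lib/pam_permit.so
account  sufficient /usr/lib/pam_permit.so
session  sufficient /usr/lib/pam_permit.so
EOF
    cat > "$d/login" <<'EOF'
# constructed sane stanza for comparison: real password check, permissive session only
auth     required   /usr/lib/pam_unix.so
account  required   /usr/lib/pam_unix.so
session  required   /usr/lib/pam_permit.so
EOF
    printf '%s\n' "$d"
}

# Demo run: audit the fixture (expect two hits, both in wdm), then clean up.
# To check a real system, call: pam_permit_audit /etc/pam.d
fx=$(make_fixture)
pam_permit_audit "$fx" || echo "weak pam_permit.so entries found in $fx"
rm -rf "$fx"
```

Only "sufficient" is flagged because that is the control word that turns pam_permit.so into an unconditional accept; a "required" pam_permit.so is still wrong-headed but does not by itself bypass other required modules in the same stack. On a FreeBSD system of that era the check also needs to cover /etc/pam.conf, since the mail's point is that a per-service file in /etc/pam.d silently overrode the administrator's entries there.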