From owner-freebsd-security@FreeBSD.ORG Wed Mar 4 05:09:19 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BAFD9106566C for ; Wed, 4 Mar 2009 05:09:19 +0000 (UTC) (envelope-from ivangrvr299@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.172]) by mx1.freebsd.org (Postfix) with ESMTP id 8AEC28FC08 for ; Wed, 4 Mar 2009 05:09:19 +0000 (UTC) (envelope-from ivangrvr299@gmail.com) Received: by wf-out-1314.google.com with SMTP id 27so3230960wfd.7 for ; Tue, 03 Mar 2009 21:09:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=qqI2QS+/I0KIkXsk2fMNdiQF3ampgVyp57gaST1ywyc=; b=Y4zqr0CPPpFM2AGc2aTHctPSlK0l0y3Rn10v87jtmuBkWZNWgBxlkbml2F0wTwMkgN w6ELHfaG7/tUdlmdLfeCyIFmZWq2hrAJ4gpLK9TMk9aMrmUhmWqdW+L8GxxBAiyGH1vj g4oVKZQppA4U7e4egQFex+f3+Kyb3twwzdcGU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=G+2lhav+EDBeKQTYCaRtzS87C8qPzZsAsQVTFlKUe6MgCZ+66wguFgI16BHHqvrmRq pM/EGZsRatFwsZ3wa88Cox8gr7X5bVhqzU8CyWzjTnfYFMcSNk7YpC7+X8E/brEmwarP dfgbOt7aoYc26UuGPk+wpmNQxrvwc7LjjTWKo= MIME-Version: 1.0 Received: by 10.142.162.9 with SMTP id k9mr3980229wfe.309.1236143357104; Tue, 03 Mar 2009 21:09:17 -0800 (PST) In-Reply-To: <86fxhxh2mq.fsf@ds4.des.no> References: <670f29e20902240717m49f53bfx67166c151c01384b@mail.gmail.com> <86eixnfwr2.fsf@ds4.des.no> <670f29e20902270618m23eed4acg15a8a3e7b43fe327@mail.gmail.com> <670f29e20902270810h22adc102rd9500d74208b1f11@mail.gmail.com> <86fxhxh2mq.fsf@ds4.des.no> Date: Wed, 4 Mar 2009 10:39:17 +0530 Message-ID: <670f29e20903032109r7f577b82k59fcec55b0452385@mail.gmail.com> From: Ivan Grover To: =?ISO-8859-1?Q?Dag=2DErling_Sm=F8rgrav?= Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-security@freebsd.org Subject: Re: PAM rules inside pam.d X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Mar 2009 05:09:20 -0000 Thanks for your valuable inputs. The PAM module information is not yet clea= r for me. The pam_unix, which i debugged was from Linux-PAM-0.78 (www.*linux* fromscratch.org/blfs/view/blfs-book-6.0-html/postlfs/*linux*_*pam*.html ) I think the libraries too belong to the same library. I apologize=EF=BF=BD = if i asked this query to wrong forum. Currently i dont see any issues with crypt library as you have suggested. I will plan to upgrade the PAM library and see how it goes. Thanks a lot On Sun, Mar 1, 2009 at 5:32 PM, Dag-Erling Sm=C3=B8rgrav wrote= : > Ivan Grover writes: > > I debugged pam_unix aswell, it looks like crypt function is giving > > different strings for telnet and my application with same passwd > > string and salt. So i think the issue could be with crypt library > > linked telnet and my application. > > please let me know your thoughts > > There's not much I can say (or think) since you still haven't told me > what you upgraded *from* and *to*, but I doubt very much that there is > anything wrong with crypt(). The only two possibilities I can think of > are a) your application calls set_crypt_format() with an incorrect > argument, or b) your application contains an alternate (incorrect) > implementation of crypt(), or is linked to a library that does. > > DES > -- > Dag-Erling Sm=C3=B8rgrav - des@des.no >