Message-Id: <200107312117.f6VLH9P09856@grimreaper.grondar.za>
To: dwmalone@FreeBSD.org
Cc: freebsd-bugs@FreeBSD.org, markm@FreeBSD.org
Subject: Re: bin/29349: pam_wheel does not check primary group id
References: <200107311359.f6VDx6F54402@freefall.freebsd.org>
In-Reply-To: <200107311359.f6VDx6F54402@freefall.freebsd.org>
Date: Tue, 31 Jul 2001 22:17:08 +0100
From: Mark Murray

> Synopsis: pam_wheel does not check primary group id

Does the attached patch fix it for you?

M
--
Mark Murray
Warning: this .sig is umop ap!sdn

Content-Description: pam_wheel.patch

Index: pam_wheel.c =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_wheel/pam_wheel.c,v retrieving revision 1.2 diff -u -d -r1.2 pam_wheel.c --- pam_wheel.c 2001/07/14 08:42:39 1.2 +++ pam_wheel.c 2001/07/31 20:29:37 @@ -66,23 +66,24 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const char **argv) { struct options options; - struct passwd *pwd, *temppwd; + struct passwd *pwd; struct group *grp; int retval; const char *user; - char *fromsu, *use_group; + char *use_group; pam_std_option(&options, other_options, argc, argv); PAM_LOG("Options processed"); - retval = pam_get_user(pamh, &user, NULL); - if (retval != PAM_SUCCESS) - PAM_RETURN(retval); - - pwd = getpwnam(user); - if (!pwd) - PAM_RETURN(PAM_USER_UNKNOWN); + if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) + pwd = getpwnam(getlogin()); + else { + retval = pam_get_user(pamh, &user, NULL); + if (retval != PAM_SUCCESS) + PAM_RETURN(retval); + pwd = getpwnam(user); + } PAM_LOG("Got user: %s", user); 
@@ -92,20 +93,6 @@ PAM_LOG("Not superuser"); - if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) { - temppwd = getpwnam(getlogin()); - if (temppwd == NULL) - PAM_RETURN(PAM_SERVICE_ERR); - fromsu = temppwd->pw_name; - } - else { - fromsu = getlogin(); - if (!fromsu) - PAM_RETURN(PAM_SERVICE_ERR); - } - - PAM_LOG("Got fromsu: %s", fromsu); - if (!pam_test_option(&options, PAM_OPT_GROUP, &use_group)) { if ((grp = getgrnam("wheel")) == NULL) grp = getgrgid(0); @@ -122,7 +109,7 @@ PAM_LOG("Got group: %s", grp->gr_name); - if (in_list(grp->gr_mem, fromsu)) { + if (pwd->pw_gid == grp->gr_gid || in_list(grp->gr_mem, pwd->pw_name)) { if (pam_test_option(&options, PAM_OPT_DENY, NULL)) PAM_RETURN(PAM_PERM_DENIED); if (pam_test_option(&options, PAM_OPT_TRUST, NULL))
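Review bot: in the @@ -66,23 +66,24 @@ hunk, the PAM_OPT_AUTH_AS_SELF branch never assigns `user`, yet the unchanged `PAM_LOG("Got user: %s", user);` after the if/else still reads it, so an uninitialized pointer is handed to the logger. The same branch passes getlogin() straight to getpwnam(); the code removed in the following hunk returned PAM_SERVICE_ERR when the login name was unavailable, and nothing replaces that check. Suggest storing the login name in `user` first, returning PAM_SERVICE_ERR if it is NULL, and then calling getpwnam(user) once for both branches.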
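Review bot: dropping `fromsu` in the @@ -92,20 +93,6 @@ hunk changes whose membership is tested when auth_as_self is not set. In the removed lines both branches took the name from getlogin(); after the patch the default branch supplies the name returned by pam_get_user(), so the group test in the last hunk is applied to that user rather than to the login user. If the goal is only to add the primary-group comparison from the PR, keep a passwd lookup for the login name and run the group test against it; if the change of subject is intended, it should be stated in the commit message and documented.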
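Review bot: `pwd->pw_gid` and `pwd->pw_name` in the @@ -122,7 +109,7 @@ hunk are dereferenced without a guard, because the first hunk deleted `if (!pwd) PAM_RETURN(PAM_USER_UNKNOWN);` and added no equivalent. A failed getpwnam() in either branch therefore reaches this line with pwd == NULL. Restore the NULL check immediately after the lookup so that an unknown user fails closed with PAM_USER_UNKNOWN before any field of pwd is read.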