Displaying 20 results from an estimated 40000 matches similar to: "[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)"
2002 Oct 16
0
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
http://bugzilla.mindrot.org/show_bug.cgi?id=83
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |misiek at pld.org.pl
Summary|PAM limits applied |PAM limits applied
|incorrectly
2003 May 16
0
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
http://bugzilla.mindrot.org/show_bug.cgi?id=83
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|sshd |PAM support
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2003 Sep 15
0
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
http://bugzilla.mindrot.org/show_bug.cgi?id=83
------- Additional Comments From dtucker at zip.com.au 2003-09-15 12:13 -------
Hey, isn't this fixed in -current? do_pam_session is now called before
permanently_set_uid.
Could you please try a snapshot?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2003 Mar 10
10
[Bug 83] PAM limits applied incorrectly (pam_session being called as non-root)
http://bugzilla.mindrot.org/show_bug.cgi?id=83
------- Additional Comments From djm at mindrot.org 2003-03-10 15:49 -------
Created an attachment (id=247)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=247&action=view)
Call pam_session after child fork()
Hopefully this patch will allow people to gather the feedback necessary to
close this bug.
------- You are receiving this
2002 Feb 12
3
[Bug 83] PAM limits applied incorrectly
http://bugzilla.mindrot.org/show_bug.cgi?id=83
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|fork() fails when there are |PAM limits applied
|PAM limits set |incorrectly
------- You are receiving this mail because: -------
You
2002 Jan 31
0
[Bug 83] fork() fails when there are PAM limits set
http://bugzilla.mindrot.org/show_bug.cgi?id=83
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Version|3.0.2p1 |-current
------- Additional Comments From djm at mindrot.org 2002-01-31 21:46 -------
I'm putting some replies from the
2002 Jul 15
0
[Bug 354] New: sshd with privsep doesn't do pam session setup properly
http://bugzilla.mindrot.org/show_bug.cgi?id=354
Summary: sshd with privsep doesn't do pam session setup properly
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
2002 Oct 16
2
[Bug 301] In openssh 3.3 and 3.4 pam session seems be called from non-root
http://bugzilla.mindrot.org/show_bug.cgi?id=301
------- Additional Comments From misiek at pld.org.pl 2002-10-16 10:14 -------
Of course this bug is not fixed even in latest 3.5 release :-( PAM really
_needs_ root priviledges. Any comments?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Jan 29
2
[Bug 83] New: fork() fails when there are PAM limits set
http://bugzilla.mindrot.org/show_bug.cgi?id=83
Summary: fork() fails when there are PAM limits set
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy:
2001 Sep 28
2
2.9.9p2 bug in PAM support
With OpenSSH 2.9.9p2 as the server, I'm not able to do scp or "ssh
machinename command" in general to any of my Suns!
I tracked this down a bit; the problem occurs only when PAM support is
enabled. However, if I remove line 430 of session.c,
"do_pam_session(s->pw->pw_name, NULL);" inside of do_exec_no_pty, the
problem goes away.
It looks like the following entry
2002 Jun 26
0
[Bug 301] New: In openssh 3.3 and 3.4 pam session seems be called from non-root
http://bugzilla.mindrot.org/show_bug.cgi?id=301
Summary: In openssh 3.3 and 3.4 pam session seems be called from
non-root
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: critical
Priority: P3
Component: sshd
AssignedTo:
2002 Jun 26
1
[Bug 301] In openssh 3.3 and 3.4 pam session seems be called from non-root
http://bugzilla.mindrot.org/show_bug.cgi?id=301
------- Additional Comments From ldv at altlinux.org 2002-06-27 03:09 -------
In your case, to make pam_limits work,
use "ulimit -Sc 0" instead of "ulimit -c 0".
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Jun 26
3
pam session as root
Beyond any more general questions of whether pam sessions *should* be
run as root, is there an immediate security concern with moving the
pam_open_session (and pam_setcred) stuff to the parent (root) process?
(E.g., via the patch below.)
--
Mike Stone
diff -u -r1.4 auth-pam.c
--- auth-pam.c 25 Jun 2002 00:45:33 -0000 1.4
+++ auth-pam.c 25 Jun 2002 20:33:41 -0000
@@ -286,6 +286,8 @@
2002 Feb 12
1
openssh + pam errors (fwd)
heres a fix for pam support im openssh, inline and attached.. openssh
calls do_pam_session early, before a fork(). it does this on the proc
still running as root, so it checks the users limits, against what root
has running, and depending on limits can fail at the fork() (and almost
always does). this patch moves it past the fork. ive been running it for
a couple of weeks and everything seems
2003 Jan 07
1
[Bug 331] ssh w/o privilege separation does not work for non-root users
http://bugzilla.mindrot.org/show_bug.cgi?id=331
------- Additional Comments From djm at mindrot.org 2003-01-07 18:23 -------
3 months, no followup == no bug
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
1999 Dec 09
2
OpenSSH-1.12pre17: PATCH: Red Hat PAM limits
With the sshd in recent releases of OpenSSH, some Red Hat Linux systems
complain about ulimit trying to raise a limit when logging in via ssh.
The problem is that packages/redhat/sshd.pam doesn't do limit checking
for an sshd session.
The attached patch adds the pam_limits module to the sshd session,
which checks for limits set in /etc/security/limits.conf.
This works on Red Hat Linux 5.2
2001 Feb 26
1
2.5.1p1 on Redhat Linux 6.2 using PAM does not log closing of session
Hello all,
On Redhat 6.2, the PAM_unix module logs the session opening, but not
the session closing. This was logged as of 2.3.0p1. Upgrading to
2.5.1p1 makrs the start of the problem.
Thanks in advance,
Victor
--
Victor J. Orlikowski
======================
v.j.orlikowski at gte.net
orlikowski at apache.org
vjo at us.ibm.com
2003 Jan 02
1
[Bug 354] sshd with privsep doesn't do pam session setup properly
http://bugzilla.mindrot.org/show_bug.cgi?id=354
------- Additional Comments From cjwatson at debian.org 2003-01-03 02:42 -------
Alternatively, perhaps sshd could be configured to setrlimit() everything up to
RLIM_INFINITY after forking but before giving up root privileges. It could then
rely on pam_limits to set limits back down if the administrator wants that,
which would work even with
2007 Feb 23
0
Formatting difftime objects
I like the new difftime functionality. Here's a dataframe of 5k run times:
> r5k
race date totaltime pace mile
1 RUDOLPH 2004-12-03 19:00:00 27.76667 mins 8.937224 mins 3.106856
2 RUDOLPH 2005-12-02 18:30:00 25.28333 mins 8.137916 mins 3.106856
3 FROSTBITE 2005-12-10 07:00:00 24.75000 mins 7.966253 mins 3.106856
4 JUDICATA 2006-03-04
2002 Apr 17
0
[Bug 120] sshd fails pty chown() when run as non-root userid
http://bugzilla.mindrot.org/show_bug.cgi?id=120
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement
Keywords| |help-wanted
------- You are receiving this mail because: -------
You are