|Summary:|passwd blocks users from entering password information, if other non-root instance of passwd is running.|
|Product:|[Retired] Red Hat Linux|
|Component:|pam|
|Version:|8.0|
|Status:|CLOSED RAWHIDE|
|Reporter:|Jesse Keating <jkeating>|
|Assignee:|Tomas Mraz <t8m>|
|QA Contact:|Mike McLean <mikem>|
|CC:|abraar, ed, gneeki, janderson, jkeating, k.georgiou, mitr, ole.skartveit, shanew, t8m|
|Doc Type:|Bug Fix|
|Last Closed:|2004-09-16 12:29:28 UTC|
Description Jesse Keating 2002-10-08 18:41:59 UTC
Description of problem:
If a non-root user runs passwd, this keeps any other non-root users from being able to run passwd. This creates a way to block users from changing their passwords, possible security issue.

Version-Release number of selected component (if applicable):

How reproducible:
Always

Steps to Reproduce:
1. Run "passwd" as a non-root user, leave it at the "current password" prompt.
2. As a different user, launch "passwd".
3. Observe not getting "Current Password" prompt on second instance of passwd.

Actual Results:
Second instance of passwd will never prompt the user, until the first instance is finished.

Expected Results:
passwd should allow multiple users to enter data simultaneously, then provide atomic updates to the actual PAM database.

Additional info:
I was able to reproduce this on a 7.2 machine as well, and this is the oldest system I have. I do not know how far back this regresses.
Comment 1 Jesse Keating 2002-10-08 18:50:22 UTC
It also seems that by running "passwd" as a non-root user, it will block root from being able to run passwd as well. This seems slightly more severe than at first glance.
Comment 2 Need Real Name 2002-10-08 18:59:07 UTC
Confirmed in 7.0 and 7.1 too. Ironically enough, a non-root user can block a root passwd command, but a root passwd doesn't block a non-root user, at least from the first prompt.
Comment 3 Miloslav Trmac 2002-10-08 21:45:06 UTC
Well, root can always kill the passwd process and then remove the /etc/.pwd.lock file.
Comment 4 Josh Bressers 2004-06-21 22:10:10 UTC
Removing security status. This isn't a security issue.
Comment 5 Tomas Mraz 2004-09-08 13:06:53 UTC
The only way to do it right is to obtain the lock only for the real update of the file. However, it is necessary to recheck the old password to disallow possible races. I'll try to make a patch.
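The lock ordering described in comment 5 (collect input first, hold the lock only for the file update, and recheck the old value under the lock), as an added example that is not the pam-0.77-56 patch or any PAM code. `update_record`, `read_record`, the one-line record file standing in for a password database entry, the demo paths and the use of flock(2) are all assumptions made for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/file.h>
#include <unistd.h>

/* Hypothetical helper: read the single stored record (stand-in for one database entry). */
static int read_record(const char *db, char *buf, size_t n) {
    FILE *f = fopen(db, "r");
    if (!f) return -1;
    if (!fgets(buf, (int)n, f)) buf[0] = '\0';
    fclose(f);
    buf[strcspn(buf, "\n")] = '\0';
    return 0;
}

/* Called only AFTER all prompting is finished, so no lock is held while waiting on a user.
 * Returns 0 on success, -1 on I/O error, -2 if the record no longer matches old_rec. */
int update_record(const char *db, const char *lockpath, const char *old_rec, const char *new_rec) {
    char cur[256], tmp[512];
    size_t len = strlen(new_rec);
    int fd, ok, rc = -1;
    int lfd = open(lockpath, O_CREAT | O_RDWR, 0600);
    if (lfd < 0) return -1;
    if (flock(lfd, LOCK_EX) != 0) { close(lfd); return -1; }  /* lock covers the update only */
    if (read_record(db, cur, sizeof cur) != 0) goto out;
    if (strcmp(cur, old_rec) != 0) { rc = -2; goto out; }     /* recheck under the lock */
    snprintf(tmp, sizeof tmp, "%s.tmp", db);
    fd = open(tmp, O_CREAT | O_WRONLY | O_TRUNC, 0600);
    if (fd < 0) goto out;
    ok = write(fd, new_rec, len) == (ssize_t)len && write(fd, "\n", 1) == 1 && fsync(fd) == 0;
    ok = (close(fd) == 0) && ok;
    if (ok && rename(tmp, db) == 0) rc = 0;                   /* atomic replace of the file */
    else unlink(tmp);
out:
    flock(lfd, LOCK_UN);
    close(lfd);
    return rc;
}

int main(void) {
    const char *db = "pwdemo.db", *lk = "pwdemo.lock";        /* constructed demo paths */
    FILE *f = fopen(db, "w");
    if (!f) return 1;
    fputs("hash-A\n", f);                                     /* constructed sample record */
    fclose(f);
    int first = update_record(db, lk, "hash-A", "hash-B");    /* value still current */
    int stale = update_record(db, lk, "hash-A", "hash-C");    /* value changed meanwhile */
    printf("first=%d stale=%d\n", first, stale);
    return !(first == 0 && stale == -2);
}
```

The second call stands for a process that checked the old value before another update landed. The recheck under the lock rejects it instead of overwriting the newer record.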
Comment 7 Tomas Mraz 2004-09-16 12:29:28 UTC
Fixed in pam-0.77-56