Bug 16456 - files missing from pam-0.72-20
Summary: files missing from pam-0.72-20
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: pam
Version: 6.2
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
Depends On:
Reported: 2000-08-17 15:57 UTC by dietzma
Modified: 2008-05-01 15:37 UTC (History)
0 users

Clone Of:
Last Closed: 2000-08-17 15:57:22 UTC


Description dietzma 2000-08-17 15:57:18 UTC
The executable utility pam_tally used for viewing and resetting
the /var/log/faillog file after X failed login attempts is not present in
the Red Hat pam-0.72-20.  The pam_tally.so library is included, however, making
it possible to prevent logins after X failed login attempts but not to
reset them, since the pam_tally utility isn't included.

The README files from the modules/* directories, which provide more
detailed descriptions, are also not included in the /usr/doc/pam-0.72-20
directory.

Finally, due to the permissions on /bin/login not being setuid, a user 
could bypass the whole pam_tally.so module locally by running login at the 
shell prompt.  pam_tally.so then attempts to write the file with the 
permissions of the user who invoked it and fails since it is owned by 
root, therefore bypassing the tallying effect (this may be a pam_tally
bug?).

Comment 1 Nalin Dahyabhai 2000-08-18 00:16:42 UTC
The README files and pam_tally application are being added for the next
release.  A non-setuid-root /bin/login is useless (when pam_unix is being used
for authentication) for getting a login shell as anyone other than yourself.
