Bug 6832 – kcheckpass must be SUID in order to work with NIS passwd

Bug 6832 - kcheckpass must be SUID in order to work with NIS passwd

Summary:	kcheckpass must be SUID in order to work with NIS passwd

Status:	CLOSED WORKSFORME

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	kdebase (Show other bugs)
Sub Component:
Version:	6.1
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Preston Brown
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	1999-11-08 15:06 EST by ola
Modified:	2008-05-01 11:37 EDT (History)
CC List:	1 user (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	1999-11-23 11:09:24 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description ola 1999-11-08 15:06:01 EST

kcheckpass cannot validate a NIS-user if the
"use privileged port" security option is active for NIS passwords.

This means that the user cannot recover from e.g. locking the screen
with the KDE screensaver. X must be restarted, killing all active
applications. (It's very easy to trigger the bug.)

Presumably you'd get the same error with at shadow system.

Workaround: SUID on kcheckpass.

Comment 1 Preston Brown 1999-11-23 11:09:59 EST

kcheckpass should not be using NIS directly, but rather indirectly through PAM.
all of the PAM processes run with system privileges, and thus should not have
trouble accessing a privileged port.

kcheckpass was compiled with PAM enabled and uses the "login" pam service by
default.

Note You need to log in before you can comment on or make changes to this bug.