77646 – passwd falsely reports successful change when /etc/shadow is immutable

Bug 77646 - passwd falsely reports successful change when /etc/shadow is immutable

Summary: passwd falsely reports successful change when /etc/shadow is immutable

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	pam
Sub Component:
Version:	3.0
Hardware:	i686
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	136369 (view as bug list)
Depends On:
Blocks:	132991
TreeView+	depends on / blocked

Reported:	2002-11-11 12:32 UTC by Bas Meijer
Modified:	2007-11-30 22:06 UTC (History)
CC List:	1 user (show)
Fixed In Version:	RHBA-2005-091
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-04-28 15:39:35 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2005:062	normal	SHIPPED_LIVE	pam bug fix update	2005-05-18 04:00:00 UTC
Red Hat Product Errata	RHBA-2005:064	low	SHIPPED_LIVE	pam bug fix update	2005-04-28 04:00:00 UTC
Red Hat Product Errata	RHBA-2005:091	normal	SHIPPED_LIVE	pam bug fix update	2005-06-08 04:00:00 UTC

Description Bas Meijer 2002-11-11 12:32:17 UTC

From Bugzilla Helper:
User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-21 i686)

Description of problem:
when /etc/shadow has immutable bit changing password reports success,
while actually the old password is still in effect.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. # chattr +i /etc/shadow
2. $ passwd
3.Changing password for user
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully
	

Actual Results:  -rw-------    1 root     root         1186 Aug  2 10:47
/etc/shadow

It is now Mon Nov 11 13:28:28 CET 2002, so shadow is not updated.

Expected Results:  shadow file is immutable, passwd should report failure.

Additional info:

passwd-0.64.1-4

Comment 1 Bas Meijer 2004-10-14 23:14:59 UTC

Almost 2 years for a security related bug in RedHat Linux???

Comment 2 Tomas Mraz 2004-11-10 11:02:03 UTC

Taking.

Comment 3 Jindrich Novy 2004-11-10 11:08:54 UTC

Tomas, I think the pam_unix_passwd.c should be responsible for that.

Comment 4 Tomas Mraz 2004-11-11 14:38:03 UTC

Fixed in rawhide.

Comment 5 Tomas Mraz 2004-11-16 13:34:21 UTC

*** Bug 136369 has been marked as a duplicate of this bug. ***

Comment 6 Tomas Mraz 2004-12-15 10:38:40 UTC

Reopening as I want to fix that for RHEL3 too.

Comment 8 Bas Meijer 2005-01-05 20:46:51 UTC

This bug is still here

# rpm -q pam
pam-0.75-62
# cat /etc/redhat-release 
Red Hat Enterprise Linux ES release 3 (Taroon Update 4)

# chattr +i /etc/shadow
# lsattr shadow
----i-------- shadow
# ls -l shadow
-rw-------    1 root     root         1691 Jan  5 21:39 shadow
# passwd bas
Changing password for user bas.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
# tail -1 shadow
bas:$1$ezz3juFV$DPfWBCHMFbEQStj0Q4fRT/:12788:0:99999:7:::
# ls -l shadow
-rw-------    1 root     root         1691 Jan  5 21:39 shadow
# 
# chattr -i /etc/shadow
# passwd bas
Changing password for user bas.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
# 
# ls -l shadow
-rw-------    1 root     root         1691 Jan  5 21:42 shadow
# rpm -q pam
pam-0.75-62
# cat /etc/redhat-release 
Red Hat Enterprise Linux ES release 3 (Taroon Update 4)

Comment 9 John Flanagan 2005-04-28 15:39:35 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-064.html

Comment 10 Tim Powers 2005-05-18 14:49:07 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-062.html

Note You need to log in before you can comment on or make changes to this bug.