The NetBSD Project

CVS log for src/lib/libpam/modules/pam_ksu/pam_ksu.c


Default branch: MAIN


Revision 1.9.18.2, Fri Sep 8 09:09:56 2023 UTC (5 months, 2 weeks ago) by martin
Branch: netbsd-8
Changes since 1.9.18.1: +4 -2 lines

Pull up following revision(s) (requested by riastradh in ticket #1896):

	lib/libpam/modules/pam_ksu/pam_ksu.c: revision 1.11

pam_ksu(8): Allow homedir access during kuserok.

Otherwise, the default kuserok logic to look at ~targetuser/.k5login
would be blocked by the security measure to thwart NetBSD-SA2023-005.

(There are other ways, e.g. setting SYSTEM-K5LOGIN in /etc/krb5.conf
so the file is /etc/k5login.d/user instead of ~user/.k5login, but
that's not the default configuration and there are plenty of
deployments that rely on ~user/.k5login today.)

I reviewed libkrb5 for homedir access checks.  There are three:
1. krb5_config_parse_file_multi, called only by:
   - verify_krb5_conf -- not relevant
   - krb5_config_parse_file -- not used here as far as I can tell,
     only by libhdb ldap logic and test code in heimdal
   - krb5_set_config_files -- used here only via krb5_init_context,
     which is done at this point
2. plugin_get_hosts in krbhst.c, used to look up hosts for KDC I/O,
   which shouldn't be happening at this point, so this is almost
   certainly unreachable; also it only appears to control whether
   some old plugin API can be used, long after we have read the krb5
   config controlling which plugins are available, so this is
   probably harmless
3. krb5_kuserok, which is the one we want to allow

Note: This will have to be updated again in the next Heimdal update,
which eliminates the global homedir access flag in favour of making
the default per-context homedir access flag conditional on !issuid.

Revision 1.9.28.2, Fri Sep 8 09:08:13 2023 UTC (5 months, 2 weeks ago) by martin
Branch: netbsd-9
Changes since 1.9.28.1: +4 -2 lines

Pull up following revision(s) (requested by riastradh in ticket #1728):

	lib/libpam/modules/pam_ksu/pam_ksu.c: revision 1.11

pam_ksu(8): Allow homedir access during kuserok.

Otherwise, the default kuserok logic to look at ~targetuser/.k5login
would be blocked by the security measure to thwart NetBSD-SA2023-005.

(There are other ways, e.g. setting SYSTEM-K5LOGIN in /etc/krb5.conf
so the file is /etc/k5login.d/user instead of ~user/.k5login, but
that's not the default configuration and there are plenty of
deployments that rely on ~user/.k5login today.)

I reviewed libkrb5 for homedir access checks.  There are three:
1. krb5_config_parse_file_multi, called only by:
   - verify_krb5_conf -- not relevant
   - krb5_config_parse_file -- not used here as far as I can tell,
     only by libhdb ldap logic and test code in heimdal
   - krb5_set_config_files -- used here only via krb5_init_context,
     which is done at this point
2. plugin_get_hosts in krbhst.c, used to look up hosts for KDC I/O,
   which shouldn't be happening at this point, so this is almost
   certainly unreachable; also it only appears to control whether
   some old plugin API can be used, long after we have read the krb5
   config controlling which plugins are available, so this is
   probably harmless
3. krb5_kuserok, which is the one we want to allow

Note: This will have to be updated again in the next Heimdal update,
which eliminates the global homedir access flag in favour of making
the default per-context homedir access flag conditional on !issuid.

Revision 1.9.36.2, Fri Sep 8 09:06:21 2023 UTC (5 months, 2 weeks ago) by martin
Branch: netbsd-10
CVS Tags: netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1
Changes since 1.9.36.1: +4 -2 lines

Pull up following revision(s) (requested by riastradh in ticket #357):

	lib/libpam/modules/pam_ksu/pam_ksu.c: revision 1.11

pam_ksu(8): Allow homedir access during kuserok.

Otherwise, the default kuserok logic to look at ~targetuser/.k5login
would be blocked by the security measure to thwart NetBSD-SA2023-005.

(There are other ways, e.g. setting SYSTEM-K5LOGIN in /etc/krb5.conf
so the file is /etc/k5login.d/user instead of ~user/.k5login, but
that's not the default configuration and there are plenty of
deployments that rely on ~user/.k5login today.)

I reviewed libkrb5 for homedir access checks.  There are three:
1. krb5_config_parse_file_multi, called only by:
   - verify_krb5_conf -- not relevant
   - krb5_config_parse_file -- not used here as far as I can tell,
     only by libhdb ldap logic and test code in heimdal
   - krb5_set_config_files -- used here only via krb5_init_context,
     which is done at this point
2. plugin_get_hosts in krbhst.c, used to look up hosts for KDC I/O,
   which shouldn't be happening at this point, so this is almost
   certainly unreachable; also it only appears to control whether
   some old plugin API can be used, long after we have read the krb5
   config controlling which plugins are available, so this is
   probably harmless
3. krb5_kuserok, which is the one we want to allow

Note: This will have to be updated again in the next Heimdal update,
which eliminates the global homedir access flag in favour of making
the default per-context homedir access flag conditional on !issuid.

Revision 1.11, Thu Sep 7 11:27:57 2023 UTC (5 months, 2 weeks ago) by riastradh
Branch: MAIN
CVS Tags: HEAD
Changes since 1.10: +4 -2 lines

pam_ksu(8): Allow homedir access during kuserok.

Otherwise, the default kuserok logic to look at ~targetuser/.k5login
would be blocked by the security measure to thwart NetBSD-SA2023-005.

(There are other ways, e.g. setting SYSTEM-K5LOGIN in /etc/krb5.conf
so the file is /etc/k5login.d/user instead of ~user/.k5login, but
that's not the default configuration and there are plenty of
deployments that rely on ~user/.k5login today.)

I reviewed libkrb5 for homedir access checks.  There are three:

1. krb5_config_parse_file_multi, called only by:
   - verify_krb5_conf -- not relevant
   - krb5_config_parse_file -- not used here as far as I can tell,
     only by libhdb ldap logic and test code in heimdal
   - krb5_set_config_files -- used here only via krb5_init_context,
     which is done at this point

2. plugin_get_hosts in krbhst.c, used to look up hosts for KDC I/O,
   which shouldn't be happening at this point, so this is almost
   certainly unreachable; also it only appears to control whether
   some old plugin API can be used, long after we have read the krb5
   config controlling which plugins are available, so this is
   probably harmless

3. krb5_kuserok, which is the one we want to allow

Note: This will have to be updated again in the next Heimdal update,
which eliminates the global homedir access flag in favour of making
the default per-context homedir access flag conditional on !issuid.

XXX pullup-10
XXX pullup-9
XXX pullup-8

Revision 1.9.18.1, Wed Jun 21 22:08:16 2023 UTC (8 months ago) by martin
Branch: netbsd-8
Changes since 1.9: +11 -5 lines

Pull up following revision(s) (requested by riastradh in ticket #1845):

	lib/libpam/modules/pam_ksu/pam_ksu.c: revision 1.10

pam_ksu: No need for homedir access.

Revision 1.9.28.1, Wed Jun 21 22:07:06 2023 UTC (8 months ago) by martin
Branch: netbsd-9
Changes since 1.9: +11 -5 lines

Pull up following revision(s) (requested by riastradh in ticket #1653):

	lib/libpam/modules/pam_ksu/pam_ksu.c: revision 1.10

pam_ksu: No need for homedir access.

Revision 1.9.36.1, Wed Jun 21 22:05:30 2023 UTC (8 months ago) by martin
Branch: netbsd-10
Changes since 1.9: +11 -5 lines

Pull up following revision(s) (requested by riastradh in ticket #207):

	lib/libpam/modules/pam_ksu/pam_ksu.c: revision 1.10

pam_ksu: No need for homedir access.

Revision 1.10, Tue Jun 20 22:17:09 2023 UTC (8 months ago) by riastradh
Branch: MAIN
Changes since 1.9: +11 -5 lines

pam_ksu: No need for homedir access.

Revision 1.6.10.1, Wed Aug 20 00:02:19 2014 UTC (9 years, 6 months ago) by tls
Branch: tls-maxphys
Changes since 1.6: +11 -13 lines

Rebase to HEAD as of a few days ago.

Revision 1.6.4.1, Thu May 22 11:36:58 2014 UTC (9 years, 9 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.6: +11 -13 lines

sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was split into small chunks to avoid
a limitation of cvs.  ("Protocol error: too many arguments")

Revision 1.9, Thu Feb 27 18:09:38 2014 UTC (9 years, 11 months ago) by joerg
Branch: MAIN
CVS Tags: yamt-pagecache-base9, tls-maxphys-base, tls-earlyentropy-base, tls-earlyentropy, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3, prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, phil-wifi-base, phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, phil-wifi-20190609, phil-wifi, pgoyette-localcount-base, pgoyette-localcount-20170426, pgoyette-localcount-20170320, pgoyette-localcount-20170107, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, pgoyette-localcount, pgoyette-compat-merge-20190127, pgoyette-compat-base, pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315, pgoyette-compat, perseant-stdc-iso10646-base, perseant-stdc-iso10646, netbsd-9-base, netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1, netbsd-8-base, netbsd-8-2-RELEASE, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1, netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-base, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0, netbsd-7, netbsd-10-base, matt-nb8-mediatek-base, matt-nb8-mediatek, localcount-20160914, is-mlppp-base, is-mlppp, cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x, bouyer-socketcan-base1, bouyer-socketcan-base, 
bouyer-socketcan
Branch point for: netbsd-9, netbsd-8, netbsd-10
Changes since 1.8: +2 -4 lines

Remove tautological check.

Revision 1.8, Sun Dec 29 22:54:58 2013 UTC (10 years, 1 month ago) by christos
Branch: MAIN
Changes since 1.7: +8 -8 lines

Fix incorrect types

Revision 1.7, Sat Dec 28 18:04:03 2013 UTC (10 years, 1 month ago) by christos
Branch: MAIN
Changes since 1.6: +5 -5 lines

avoid using freed pointers and non-format strings

Revision 1.6, Mon Apr 25 22:03:20 2011 UTC (12 years, 10 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-tag8, yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6, yamt-pagecache-base5, yamt-pagecache-base4, yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-1, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, netbsd-6-0, netbsd-6, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus, cherry-xenmp-base, cherry-xenmp, agc-symver-base, agc-symver
Branch point for: yamt-pagecache, tls-maxphys
Changes since 1.5: +3 -3 lines

fix pasto (of no consequence)

Revision 1.5, Mon Apr 25 22:01:04 2011 UTC (12 years, 10 months ago) by christos
Branch: MAIN
Changes since 1.4: +25 -24 lines

- make log_krb5 variadic and merge the last error message.
- check for NULL context.
- print a more meaningful error when things go south

Revision 1.4, Sun Apr 24 18:53:55 2011 UTC (12 years, 10 months ago) by elric
Branch: MAIN
Changes since 1.3: +38 -15 lines

Stop using functions that are marked as deprecated in Heimdal.

Revision 1.2.34.1, Wed May 13 19:18:35 2009 UTC (14 years, 9 months ago) by jym
Branch: jym-xensuspend
Changes since 1.2: +8 -7 lines

Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html

Revision 1.3, Sun Mar 8 19:38:03 2009 UTC (14 years, 11 months ago) by christos
Branch: MAIN
CVS Tags: matt-premerge-20091211, matt-mips64-premerge-20101231, jym-xensuspend-nbase, jym-xensuspend-base, bouyer-quota2-nbase, bouyer-quota2-base, bouyer-quota2
Changes since 1.2: +8 -7 lines

consistency in password prompt setting code (and with ssh)

Revision 1.2, Sun Dec 12 08:18:46 2004 UTC (19 years, 2 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pf42-baseX, yamt-pf42-base4, yamt-pf42-base3, yamt-pf42-base2, yamt-pf42-base, yamt-pf42, wrstuden-revivesa-base-3, wrstuden-revivesa-base-2, wrstuden-revivesa-base-1, wrstuden-revivesa-base, wrstuden-revivesa, wrstuden-fixsa-newbase, wrstuden-fixsa-base-1, wrstuden-fixsa-base, wrstuden-fixsa, netbsd-5-base, netbsd-5-2-RELEASE, netbsd-5-2-RC1, netbsd-5-2-3-RELEASE, netbsd-5-2-2-RELEASE, netbsd-5-2-1-RELEASE, netbsd-5-2, netbsd-5-1-RELEASE, netbsd-5-1-RC4, netbsd-5-1-RC3, netbsd-5-1-RC2, netbsd-5-1-RC1, netbsd-5-1-5-RELEASE, netbsd-5-1-4-RELEASE, netbsd-5-1-3-RELEASE, netbsd-5-1-2-RELEASE, netbsd-5-1-1-RELEASE, netbsd-5-1, netbsd-5-0-RELEASE, netbsd-5-0-RC4, netbsd-5-0-RC3, netbsd-5-0-RC2, netbsd-5-0-RC1, netbsd-5-0-2-RELEASE, netbsd-5-0-1-RELEASE, netbsd-5-0, netbsd-5, netbsd-4-base, netbsd-4-0-RELEASE, netbsd-4-0-RC5, netbsd-4-0-RC4, netbsd-4-0-RC3, netbsd-4-0-RC2, netbsd-4-0-RC1, netbsd-4-0-1-RELEASE, netbsd-4-0, netbsd-4, netbsd-3-base, netbsd-3-1-RELEASE, netbsd-3-1-RC4, netbsd-3-1-RC3, netbsd-3-1-RC2, netbsd-3-1-RC1, netbsd-3-1-1-RELEASE, netbsd-3-1, netbsd-3-0-RELEASE, netbsd-3-0-RC6, netbsd-3-0-RC5, netbsd-3-0-RC4, netbsd-3-0-RC3, netbsd-3-0-RC2, netbsd-3-0-RC1, netbsd-3-0-3-RELEASE, netbsd-3-0-2-RELEASE, netbsd-3-0-1-RELEASE, netbsd-3-0, netbsd-3, mjf-devfs2-base, mjf-devfs2, matt-nb5-pq3-base, matt-nb5-pq3, matt-nb5-mips64-u2-k2-k4-k7-k8-k9, matt-nb5-mips64-u1-k1-k5, matt-nb5-mips64-premerge-20101231, matt-nb5-mips64-premerge-20091211, matt-nb5-mips64-k15, matt-nb5-mips64, matt-nb4-mips64-k7-u2a-k9b, matt-mips64-base2, matt-mips64-base, matt-mips64, matt-armv6-prevmlocking, matt-armv6-nbase, matt-armv6-base, matt-armv6, keiichi-mipv6-base, keiichi-mipv6, hpcarm-cleanup-nbase, hpcarm-cleanup-base, hpcarm-cleanup, cube-autoconf-base, cube-autoconf, abandoned-netbsd-4-base, abandoned-netbsd-4
Branch point for: jym-xensuspend
Changes since 1.1: +7 -1 lines

- NetBSD build glue
- Warning fixes
- RCSID's

Revision 1.1.1.1 (vendor branch), Sun Dec 12 06:50:17 2004 UTC (19 years, 2 months ago) by christos
Branch: FREEBSD
CVS Tags: PAM20050226, PAM20041212
Changes since 1.1: +0 -0 lines

- Import freebsd's version of libpam as of today (20041212).
- Did not import opie, passwdqc, tacplus. We need to decide what to do
  with them.
- Imported radius and ssh, although they will not work until we
  import libradius and re-structure our tree to install libssh.

Revision 1.1, Sun Dec 12 06:50:17 2004 UTC (19 years, 2 months ago) by christos
Branch: MAIN

Initial revision
