tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

passwd check from unpriliged programs (pkgsrc/pam-pwauth_suid)

There is that little pam module and helper program which
allows to check a user's password. The intention is that
screen savers and so don't need to be installed suid.

I'm trying to get an idea whether it needs to be slowed
down artificially so that it can't be abused to
brute-force a password.
On a 2GHz CPU, it takes less then a minute to try 10000
$ /usr/bin/time head -10000 /usr/share/dict/words |(while read w; do
> echo -n $w|/usr/pkg/libexec/pwauth_suid_helper drochner && echo $w
> done)
       44.08 real         0.00 user         0.15 sys

(This is with NetBSD's sh -- a bash needs 15s more btw.)

The program can only be used to check the passwd of the
user it was started as. Slowing it down would make it
more complex, might even require some signal masking.
So what's the feeling - it it a security risk, and if yes,
what's the best way to mitigate it?

best regards

Forschungszentrum Juelich GmbH
52425 Juelich

Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzende des Aufsichtsrats: MinDir'in Baerbel Brumme-Bothe
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr. Harald Bolt,
Dr. Sebastian M. Schmidt

Home | Main Index | Thread Index | Old Index