Subject: Re: su and resources not honored
To: Jeremy C. Reed <reed@reedmedia.net>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-security
Date: 06/14/2006 17:21:26
--ZJcv+A0YCCLh2VIg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Jun 13, 2006 at 07:50:59PM -0700, Jeremy C. Reed wrote:
> src/usr.bin/su/su_pam.c has:
>=20
> * Don't touch resource/priority settings if -m has been used
> * or -l and -c hasn't, and we're not su'ing to root.
> */
> if ((asme || (!asthem && class =3D=3D NULL)) && pwd->pw_uid)
> setwhat &=3D ~(LOGIN_SETPRIORITY|LOGIN_SETRESOURCES);
>=20
> if (setusercontext(lc, pwd, pwd->pw_uid, setwhat) =3D=3D -1)
> err(EXIT_FAILURE, "setusercontext");
>=20
> So using "su" (without -m for example), a user (who knows another user=20
> account's password) can login to that other user's account and because=20
> LOGIN_SETRESOURCES is not used their previous resources are in effect. Is=
=20
> that okay?
>=20
> This seems like a way a user can misuse resources. Comments?
If I understand things right, the way this would work is that user A would=
=20
log into user B's account but the process limits & such would be counted=20
against user A, correct? Or would they no longer be counted against user A=
=20
and user B would be well-above limits?
Take care,
Bill
--ZJcv+A0YCCLh2VIg
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)
iD8DBQFEkKgGWz+3JHUci9cRAvPBAJ9lzG8n3PuaguCZMNSXS1+g3EN9xACff5Yw
gyrN/VnfkRoFyUXBORwmN9A=
=Yw33
-----END PGP SIGNATURE-----
--ZJcv+A0YCCLh2VIg--