pam limits drops privileges

[Marcin Bohosiewicz]

On Sun, 9 Sep 2001, Lukasz Trabinski wrote:

Czy nasz PAM z PLD jest na to uczulony?

M.


> On Sat, 8 Sep 2001, Tarhon-Onu Victor wrote:
> 
> > 	Man, come on, let test login, what the hell?! I want to show there
> > is a bug here, not to give you the oportunity to show everyone that your
> > limits work. They work for me too, but you're missing the point. I told
> > you to kill all test's processes before trying this. Well, you didn't, and
> > that's why it doesn't work.
> 
> OK, sorry!
> I would like to CONFIRM this bug :-), My last tests was not very
> precisely. :)
> 
> There is a little test:
> 
> There is a test user:
> 
> lt:~$ id test
> uid=503(test) gid=509(test) groups=509(test)
> pam-0.74-22
> 
> Only root is login on console tty1
> 
> Now, I try login as user test on tty2:
> 
> login: test
> Password:
> Last login: Sun Sep  9 18:29:38 on tty2
> lt:~# id
> uid=0(root) gid=0(root) groups=509(test)
> 
> Taadam. Test user has uid=0 and gid=0 :-)
> 
> 
> 
> If we remove line:
> @test           -       maxlogins       2
> from /etc/security/limits.conf
> or line:
> session    required     /lib/security/pam_limits.so
> from /etc/pam.d/login it's works correctly, we can login as test on tty2
> without root privilege. :-)
> 
> login: test
> Password:
> Last login: Sun Sep  9 18:29:28 on tty1
> lt:~$ id
> uid=503(test) gid=509(test) groups=509(test)
> 
> 
> bash-2.05$ rpm -q pam
> pam-0.74-22
> bash-2.05$ uname -r
> 2.4.9
> 
> 
> 
> -- 
> *[ Łukasz Trąbiński ]*
> SysAdmin @wsisiz.edu.pl
> 


-- 
-| == Marcin Bohosiewicz - MB8042-RIPE - marcus w venus.pk.edu.pl == |-
-| == tel. +48 601 485097 - PLD Team   - marcus w pld.org.pl      == |-
-| == Strona Domowa   -      http://venus.wis.pk.edu.pl/marcus/ == |-
-| == PLUG - Sad Kolezenski        -   http://www.linux.org.pl/ == |-