Jason Axley wrote:
>
> So, it sounds like now malicious users who can't read /etc/shadow in
> order to grab encoded passwords to crack them can just do brute-force
> password guessing without any lockout or auditing by simply piping
> password guesses to the setuid kcheckpass program which will happily
> check them against the shadow entries for correctness.

If I understand it correctly they can only brute-force their own password... But if kcheckpass can be used to check any user's password then I agree that this is a security risk.

> Or maybe it would give up pieces of /etc/shadow from memory if
> you could get it to coredump...

Only if you run it on a system which allows coredumps for a suid/sgid program, which I think everyone has agreed is a security risk on its own.

And I also agree that kcheckpass should delay if the password is incorrect. This is to slow down any attempts to manually brute-force a screen saver or anything else relying on kcheckpass. It won't give any added security to the kcheckpass program, but to every program that uses it.

---
Henrik Nordstrom
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:23:53 PDT
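
The three safeguards raised in this thread (checking only the caller's own account, no core dumps from the setuid helper, a delay after a wrong password), sketched in C as an added example. This is not kcheckpass's code: `guarded_check`, `verify_fn`, `demo_verify` and the 2-second delay are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <unistd.h>

enum check_result { CHECK_OK, CHECK_BAD, CHECK_DENIED };
/* Hypothetical hook: returns nonzero when pw matches target's stored hash. */
typedef int (*verify_fn)(uid_t target, const char *pw);

/* Forbid core files so hashes read from /etc/shadow cannot land in a dump. */
int disable_core_dumps(void)
{
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Only the invoking user's own account may be checked. */
int caller_may_check(uid_t caller, uid_t target)
{
    return caller == target;
}

/* Refuse other accounts outright; on a wrong guess, stall before answering. */
enum check_result guarded_check(uid_t caller, uid_t target, const char *pw,
                                verify_fn verify, unsigned delay_sec)
{
    if (!caller_may_check(caller, target))
        return CHECK_DENIED;
    if (verify(target, pw))
        return CHECK_OK;
    sleep(delay_sec);   /* slows guessing through anything built on the helper */
    return CHECK_BAD;
}

/* Constructed stand-in for the real shadow lookup, for demonstration only. */
int demo_verify(uid_t target, const char *pw)
{
    (void)target;
    return strcmp(pw, "correct horse") == 0;
}

int main(void)
{
    disable_core_dumps();
    uid_t me = getuid();
    printf("own, wrong guess: %d\n", guarded_check(me, me, "guess", demo_verify, 2));
    printf("other account: %d\n", guarded_check(me, me + 1, "guess", demo_verify, 2));
    return 0;
}
```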