Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing Listroot and change of passwords
From: DeadManMoving <sequel_at_neofreak.org>
Date: Fri, 07 Jan 2005 14:09:00 -0500
i've recently find a bug in the implementation of SELinux in gentoo (http://bugs.gentoo.org/show_bug.cgi?id=76701) and debian (well, at least with md5 and shadow password enabled) that let root change other users passwords even when he's not in sysadm_r:sysadm_t context. I've then contacted the gentoo hardened team and told them about it. They've asked me to fill a bug report and told me it was surely a problem with pam and the SELinux patch for pam. Willing to try to fix the problem by myself, i've made an ebuild for pam with the latest SRPM of fedora pam implementation. That did not solve the problem. So i went back to the gentoo hardened team and told them my experience with the fedora pam implementation. They then told me they were now thinking the problem was with the passwd program from the shadow suite. That was making a lot of sense since fedora do not use the passwd program from the shadow suite but instead use the passwd suite (passwd package and libuser package) from red hat. Still willing to fix that, i've given the red hat passwd suite a try on my gentoo installation and yes! it works quite well! I say quite well (and here's my question) cause i see that root is still able to change his own password even not in the sysadm_r:sysadm_t context. Is that a desired behavior? Would that be easy to implement and more secure if root could only change his own password when in the sysadm_r:sysadm_t context? Thanks a lot for your time, Tony Lapointe -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Fri 7 Jan 2005 - 14:10:56 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |