From a2d20838b0fff7ab583c9b501903ad6e0b8f68ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?=
Date: Wed, 30 Jan 2002 19:03:16 +0000
Subject: [PATCH] Move the code from pam_sm_authenticate() to pam_sm_acct_mgmt(). Simplify it a little and try to make it more resilient to various possible failure conditions. Change the man page accordingly, and take advantage of this opportunity to simplify its language. Sponsored by: DARPA, NAI Labs
---
 .../modules/pam_securetty/pam_securetty.8 | 43 ++++++-----
 .../modules/pam_securetty/pam_securetty.c | 77 +++++++++----
 2 files changed, 58 insertions(+), 62 deletions(-)
diff --git a/lib/libpam/modules/pam_securetty/pam_securetty.8 b/lib/libpam/modules/pam_securetty/pam_securetty.8
index efc931e25ae9..f600c315e08e 100644
--- a/lib/libpam/modules/pam_securetty/pam_securetty.8
+++ b/lib/libpam/modules/pam_securetty/pam_securetty.8
@@ -1,5 +1,12 @@
 .\" Copyright (c) 2001 Mark R V Murray
 .\" All rights reserved.
+.\" Copyright (c) 2002 Networks Associates Technologies, Inc.
+.\" All rights reserved.
+.\"
+.\" Portions of this software were developed for the FreeBSD Project by
+.\" ThinkSec AS and NAI Labs, the Security Research Division of Network
+.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
+.\" ("CBOSS"), as part of the DARPA CHATS research program.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
@@ -9,6 +16,9 @@
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\" notice, this list of conditions and the following disclaimer in the
 .\" documentation and/or other materials provided with the distribution.
+.\" 3. The name of the author may not be used to endorse or promote
+.\" products derived from this software without specific prior written
+.\" permission.
 .\"
 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -37,34 +47,27 @@
 .Pa pam_securetty
 .Op Ar options
 .Sh DESCRIPTION
-The SecureTTY authentication service module for PAM,
+The SecureTTY service module for PAM,
 .Nm
 provides functionality for only one PAM category:
-authentication.
+account management.
 In terms of the
 .Ar module-type
 parameter, this is the
-.Dq Li auth
+.Dq Li account
 feature.
-It also provides a null function for session management.
-.Ss SecureTTY Authentication Module
-The SecureTTY authentication component
-.Pq Fn pam_sm_authenticate ,
-returns success if the user is attempting to authenticate as superuser,
-and the process is attached to a secure TTY.
-Alternatively,
-if the user is not authenticating as superuser,
-the module always returns success.
+It also provides null functions for authentication and session
+management.
+.Ss SecureTTY Account Management Module
+The SecureTTY account management component
+.Pq Fn pam_sm_acct_mgmt ,
+returns failure if the user is attempting to authenticate as superuser,
+and the process is attached to an insecure TTY.
+In all other cases, the module returns success.
 .Pp
-A TTY is defined as secure if its entry is fetchable from
+A TTY is considered secure if it is listed in
 .Pa /etc/ttys
-by
-.Xr getttynam 3
-(see
-.Xr ttys 5 ) ,
-and the entry (a
-.Vt "struct ttyent" )
-has the
+and has the
 .Dv TTY_SECURE
 flag set.
 .Pp
diff --git a/lib/libpam/modules/pam_securetty/pam_securetty.c b/lib/libpam/modules/pam_securetty/pam_securetty.c
index cb7f23d33d46..7318c4c4180d 100644
--- a/lib/libpam/modules/pam_securetty/pam_securetty.c
+++ b/lib/libpam/modules/pam_securetty/pam_securetty.c
@@ -57,52 +57,12 @@ PAM_EXTERN int
 pam_sm_authenticate(pam_handle_t * pamh, int flags __unused, int argc, const char **argv)
 {
 struct options options;
- struct ttyent *ttyfileinfo;
- struct passwd *pwd;
- int retval;
- const char *user, *ttyname;
 
 pam_std_option(&options, NULL, argc, argv);
 
 PAM_LOG("Options processed");
 
- retval = pam_get_user(pamh, &user, NULL);
- if (retval != PAM_SUCCESS)
- PAM_RETURN(retval);
-
- PAM_LOG("Got user: %s", user);
-
- retval = pam_get_item(pamh, PAM_TTY, (const void **)&ttyname);
- if (retval != PAM_SUCCESS)
- PAM_RETURN(retval);
-
- PAM_LOG("Got TTY: %s", ttyname);
-
- /* Ignore any "/dev/" on the PAM_TTY item */
- if (strncmp(TTY_PREFIX, ttyname, sizeof(TTY_PREFIX) - 1) == 0)
- ttyname += sizeof(TTY_PREFIX) - 1;
-
- /* If the user is not root, secure ttys do not apply */
- pwd = getpwnam(user);
- if (pwd == NULL)
- PAM_RETURN(PAM_IGNORE);
- else if (pwd->pw_uid != 0)
- PAM_RETURN(PAM_SUCCESS);
-
- PAM_LOG("User is not root");
-
- ttyfileinfo = getttynam(ttyname);
- if (ttyfileinfo == NULL)
- PAM_RETURN(PAM_SERVICE_ERR);
-
- PAM_LOG("Got ttyfileinfo");
-
- if (ttyfileinfo->ty_status & TTY_SECURE)
- PAM_RETURN(PAM_SUCCESS);
- else {
- PAM_VERBOSE_ERROR("Not on secure TTY");
- PAM_RETURN(PAM_PERM_DENIED);
- }
+ PAM_RETURN(PAM_IGNORE);
 }
 
 PAM_EXTERN
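Review bot: pam_sm_authenticate() now returns PAM_IGNORE unconditionally with no comment saying why, so a reader of this function alone cannot tell whether the secure-TTY check was deliberately relocated or accidentally dropped; a one-line comment above the return such as `/* The secure-TTY check lives in pam_sm_acct_mgmt(); the auth phase is a no-op. */` would make the intent explicit. It is also worth stating in the commit message or the man page that existing pam.conf entries listing this module in the auth stack become no-ops until they are moved to the account stack, since PAM_IGNORE contributes nothing to the stack result in a typical PAM configuration; that is inferred from PAM semantics rather than visible here. The function still calls pam_std_option() for options it never consults, which is harmless but could be dropped together with the `struct options` local.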
@@ -122,12 +82,45 @@ PAM_EXTERN int
 pam_sm_acct_mgmt(pam_handle_t *pamh __unused, int flags __unused, int argc ,const char **argv)
 {
 struct options options;
+ struct passwd *pwd;
+ struct ttyent *ty;
+ const char *user, *tty;
+ int pam_err;
 
 pam_std_option(&options, NULL, argc, argv);
 
 PAM_LOG("Options processed");
 
- PAM_RETURN(PAM_IGNORE);
+ pam_err = pam_get_user(pamh, &user, NULL);
+ if (pam_err != PAM_SUCCESS)
+ PAM_RETURN(pam_err);
+ if (user == NULL || (pwd = getpwnam(user)) == NULL)
+ PAM_RETURN(PAM_SERVICE_ERR);
+
+ PAM_LOG("Got user: %s", user);
+
+ /* If the user is not root, secure ttys do not apply */
+ if (pwd->pw_uid != 0)
+ PAM_RETURN(PAM_SUCCESS);
+
+ pam_err = pam_get_item(pamh, PAM_TTY, (const void **)&tty);
+ if (pam_err != PAM_SUCCESS)
+ PAM_RETURN(pam_err);
+
+ PAM_LOG("Got TTY: %s", tty);
+
+ /* Ignore any "/dev/" on the PAM_TTY item */
+ if (tty != NULL && strncmp(TTY_PREFIX, tty, sizeof(TTY_PREFIX)) == 0) {
+ PAM_LOG("WARNING: PAM_TTY starts with " TTY_PREFIX);
+ tty += sizeof(TTY_PREFIX) - 1;
+ }
+
+ if (tty != NULL && (ty = getttynam(tty)) != NULL &&
+ (ty->ty_status & TTY_SECURE) != 0)
+ PAM_RETURN(PAM_SUCCESS);
+
+ PAM_VERBOSE_ERROR("Not on secure TTY");
+ PAM_RETURN(PAM_AUTH_ERR);
 }
 
 PAM_EXTERN int
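Review bot: The prefix test `strncmp(TTY_PREFIX, tty, sizeof(TTY_PREFIX)) == 0` compares sizeof(TTY_PREFIX) bytes, which for a string literal (and the `"WARNING: PAM_TTY starts with " TTY_PREFIX` concatenation shows it is one) includes the terminating NUL, so it only matches when PAM_TTY is exactly the prefix and never strips a leading "/dev/" from a real device name; the code this replaces used `sizeof(TTY_PREFIX) - 1`, and the `tty += sizeof(TTY_PREFIX) - 1` on the next line shows that was still the intent. The line should read `if (tty != NULL && strncmp(TTY_PREFIX, tty, sizeof(TTY_PREFIX) - 1) == 0) {`. As written, a root login whose PAM_TTY carries the prefix presumably fails the getttynam() lookup and is refused, which fails closed but makes secure consoles unusable until fixed. Separately, `PAM_LOG("Got TTY: %s", tty)` runs before the `tty != NULL` guards that follow it, so a missing PAM_TTY item is handed to %s, and `pamh` keeps its `__unused` marker in the signature although the body now uses it.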