Return PAM_SERVICE_ERR rather than PAM_USER_UNKNOWN if getpwnam() fails, as
PAM_USER_UNKNOWN will break the chain, revealing to an attacker that the
user does not exist.

Sponsored by:	DARPA, NAI Labs
Dag-Erling Smørgrav 2002-01-21 18:53:03 +00:00
parent ae739ec469
commit b4b56d051a


@ -73,7 +73,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
pwent = getpwnam(luser);
if (pwent == NULL)
PAM_RETURN(PAM_USER_UNKNOWN);
PAM_RETURN(PAM_SERVICE_ERR);
if (opielookup(&opie, luser) != 0)
PAM_RETURN(PAM_IGNORE);
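
Review bot: The `pwent == NULL` branch has no comment explaining why it returns PAM_SERVICE_ERR rather than the more obvious PAM_USER_UNKNOWN, so the line reads like a mistake and invites a later revert. Carry the commit message's rationale into the source with a short comment above the return, for example `/* not PAM_USER_UNKNOWN: must not reveal that the user does not exist */`. Separately, the `opielookup()` failure immediately below returns PAM_IGNORE, so the two lookup failures still produce different module results; it is worth confirming that this difference cannot be observed by the client in the way the old return value could.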