[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Big security hole in (my config of) PAM

Whenever I add the line 

auth    required       pam_securetty.so

to my /etc/pam.d/common-auth

Then ANY user can log in with ANY password (or with no password at

Here's the file:

#auth    required       pam_securetty.so
auth    required        pam_nologin.so
auth    sufficient      pam_unix.so nullok_secure 
auth    sufficient      pam_winbind.so use_first_pass

And /var/log/auth.log shows:

Aug 17 07:32:11 cornea login[7604]: (pam_unix) authentication failure;
logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=  user=root
Aug 17 07:32:11 cornea pam_winbind[7604]: request failed: No such
user, PAM error was 10, NT error was NT_STATUS_NO_SUCH_USER
Aug 17 07:32:11 cornea login[7604]: (pam_unix) session opened for user
root by LOGIN(uid=0)
Aug 17 07:32:11 cornea login[7604]: ROOT LOGIN  on `tty1'

What's going on?

PGP Public key ID: 1024D/2DE827B3 
fingerprint = 8797 A26D 0854 2EAB 0285  A290 8A67 719C 2DE8 27B3
See http://wwwkeys.pgp.net or any PGP keyserver for public key.

Attachment: pgpqAt7E2p1b0.pgp
Description: PGP signature

Reply to: