local authentication spoofing using libnss-ldap
Hi List,
I am using the libnss-ldap and libpam-ldap packages with default configuration.
NSS is configured to allow passwd and group resolution over ldap.
user@host:~$ cat /etc/nsswitch.conf
passwd: compat ldap
group: compat ldap
shadow: compat ldap
If a user account exists in local /etc/passwd and in the ldap database, the user
can authenticate with both passwords, but is always logged in as the local user.
It seems to me that nss should resolve the correct uid.
I can create a ldap account named 'root', with a weak password and uid 12345,
then su - on the system and log in as root with the weak password, and get uid 0.
It's not debian related, but I would like to know if this is a misconfiguration.
Any advice?
Regards,
Yann
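
The behaviour described in the post follows from NSS consulting the sources on the `passwd:` line in order and returning the first match, so a name found in the local file is never looked up in LDAP. As an added example (not part of the original post), this Python script audits for account names defined in both places; the sample entries are constructed and the function names are hypothetical.

```python
# Constructed sample data in passwd(5) format. On a real host these would be
# /etc/passwd and the output of `getent -s ldap passwd` (assumed inputs).
LOCAL_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""
LDAP_PASSWD = """\
root:x:12345:12345:ldap entry:/home/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:2001:2001:Bob:/home/bob:/bin/bash
"""

def parse_passwd(text):
    """Return {name: uid} from passwd(5)-formatted text; first entry wins."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        # Skip blanks, comments and compat-mode +/- inclusion lines.
        if not line or line[0] in "#+-":
            continue
        fields = line.split(":")
        if len(fields) < 7 or not fields[2].isdigit():
            continue
        entries.setdefault(fields[0], int(fields[2]))
    return entries

def resolve(name, sources):
    """Mimic NSS ordering: the first source that knows the name answers."""
    for label, entries in sources:
        if name in entries:
            return label, entries[name]
    return None

def find_collisions(local, ldap):
    """Names present in both sources: (name, local_uid, ldap_uid, severity)."""
    findings = []
    for name in sorted(set(local) & set(ldap)):
        if local[name] == ldap[name]:
            severity = "info"  # same uid, but two passwords may be accepted
        else:
            # The LDAP entry is shadowed by a local account with another uid.
            severity = "critical" if local[name] == 0 else "high"
        findings.append((name, local[name], ldap[name], severity))
    return findings

if __name__ == "__main__":
    local, ldap = parse_passwd(LOCAL_PASSWD), parse_passwd(LDAP_PASSWD)
    print(resolve("root", [("compat", local), ("ldap", ldap)]))
    for finding in find_collisions(local, ldap):
        print(*finding)
```

Any "critical" or "high" finding marks a directory entry whose password may be accepted for a different local uid, so those names are the ones to rename or block in LDAP.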