sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-03 13:47:25 +03:00
Code

JHT ===> Fixed potential PAM Security hole and second chance syndrome

Browse Source 
spurious warning message "Warning - no crypt available"
This commit is contained in:
Samba Release Account -
parent e9a8ccb36b
commit dc559428b8
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
source/smbd/password.c
View File

@ -612,7 +612,16 @@ BOOL password_check(char *password)
{
#ifdef USE_PAM
/* This falls through if the password check fails
- if NO_CRYPT is defined this causes an error msg
saying Warning - no crypt available
- if NO_CRYPT is NOT defined this is a potential security hole
as it may authenticate via the crypt call when PAM
settings say it should fail.
if (pam_auth(this_user,password)) return(True);
Hence we make a direct return to avoid a second chance!!!
*/
return (pam_auth(this_user,password));
#endif
#ifdef AFS_AUTH