[Bug 732990] Re: libpam-krb5 writes to /tmp, does not work when disk is full.
Russ Allbery
rra at debian.org
Sun Feb 5 21:31:12 UTC 2012
As of libpam-krb5 4.5, the temporary ticket cache will be written to
ccache_dir rather than /tmp if ccache_dir is set. This version is in
Debian (and has been for a little bit), but it looks like it's not yet
been imported into Ubuntu.
** Changed in: libpam-krb5 (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libpam-krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/732990
Title:
libpam-krb5 writes to /tmp, does not work when disk is full.
Status in “libpam-krb5” package in Ubuntu:
Fix Committed
Bug description:
Binary package hint: libpam-krb5
When creating a new ticket cache libpam-krb5 stashes the cache in a
temporary location;
api-auth.c: pamret = pamk5_cache_init_random(args, creds);
api-password.c: pamret = pamk5_cache_init_random(args, creds);
in cache.c: pamk5_cache_init_random:
char cache_name[] = "/tmp/krb5cc_pam_XXXXXX";
/* Store the obtained credentials in a temporary cache. */
pamret = pamk5_cache_mkstemp(args, cache_name);
if (pamret != PAM_SUCCESS)
return pamret;
If /tmp is full this call fails and the entire pam stack will fail.
When the rootfs is full users kind of expect to be able to do normal
operations such as unlocking their screen or using sudo to gain root
access to delete files.
It would be nice if we could control where the tempfile was written in
/etc/krb5.conf like many of the other pam options.
antarus at goats ~/local/libpam-krb5-4.2 $ lsb_release -rd
Description: Ubuntu 10.04.1 LTS
Release: 10.04
antarus at goats ~/local/libpam-krb5-4.2 $ apt-cache policy libpam-krb5
libpam-krb5:
Installed: 4.2-1
Candidate: 4.2-1
I expect to be able to configure libpam-krb5 to write to a tmpfs or
something that is harder to fill up. An attacker could fill /tmp and
cause any krb5-based authentication to fail.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libpam-krb5/+bug/732990/+subscriptions
More information about the foundations-bugs
mailing list