[Bug 604593] Re: pam_unix "account" returns success on a user with an invalid shadow password.
Steve Langasek
steve.langasek at canonical.com
Wed Jun 8 07:04:07 UTC 2011

Thank you for reporting this issue and helping to improve Ubuntu.

This is not a bug in pam_unix, which is deliberately configured such
that a successful authorization return from either pam_unix *or* another
stacked module is sufficient to permit a login. If pam_ldap access
checks should always be enforced *in addition* to pam_unix, then
pam_ldap's pam-auth-update profile should declare itself Account-Type:
additional.

This appears to be the same as Debian bug #583483.

** Package changed: pam (Ubuntu) => libpam-ldap (Ubuntu)
** Bug watch added: Debian Bug tracker #583483
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583483
** Also affects: libpam-ldap (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583483
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libpam-ldap in Ubuntu.
https://bugs.launchpad.net/bugs/604593
Title:
pam_unix "account" returns success on a user with an invalid shadow
password.
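
Added example, not part of the original message and not code from pam or libpam-ldap: a simplified model of how libpam walks an "account" stack, showing why a Primary pam_ldap is bypassed when pam_unix succeeds and why an Additional pam_ldap is not. The two stack layouts, the control values and the module return labels are assumptions constructed for illustration.

```python
# Simplified model of libpam stack dispatch for the "account" facility.
# Stack contents and module results are constructed, not taken from a real host.

REQUIRED = {"success": "ok", "default": "bad"}
REQUISITE = {"success": "ok", "default": "die"}

# Assumed layout with pam_ldap as a Primary module: success from either
# module jumps over pam_deny, so one success is enough.
PRIMARY = [
    ("pam_unix", {"success": 2, "default": "ignore"}),
    ("pam_ldap", {"success": 1, "default": "ignore"}),
    ("pam_deny", REQUISITE),
    ("pam_permit", REQUIRED),
]

# Assumed layout with pam_ldap as an Additional module: it runs after the
# Primary block and its failure counts against the whole stack.
ADDITIONAL = [
    ("pam_unix", {"success": 1, "default": "ignore"}),
    ("pam_deny", REQUISITE),
    ("pam_permit", REQUIRED),
    ("pam_ldap", REQUIRED),
]

def account_allowed(stack, results):
    """Return True if the stack as a whole reports success."""
    results = {"pam_deny": "denied", "pam_permit": "success", **results}
    status = None  # no module has contributed a verdict yet
    i = 0
    while i < len(stack):
        module, actions = stack[i]
        ret = results[module]
        action = actions.get(ret, actions["default"])
        i += 1
        if isinstance(action, int):
            i += action  # jump: skip the next N modules, verdict unchanged
        elif action in ("ok", "done"):
            if status is None:
                status = ret
            if action == "done":
                break
        elif action in ("bad", "die"):
            if status in (None, "success"):
                status = ret  # the first failure sticks
            if action == "die":
                break
        # "ignore": this module has no effect on the verdict
    return status == "success"

if __name__ == "__main__":
    case = {"pam_unix": "success", "pam_ldap": "denied"}
    print("primary:", account_allowed(PRIMARY, case))        # pam_ldap never runs
    print("additional:", account_allowed(ADDITIONAL, case))  # pam_ldap denial enforced
```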