diff options
| author | des <des@FreeBSD.org> | 2002-01-21 18:53:03 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2002-01-21 18:53:03 +0000 |
| commit | aeaf48654b44a82de8184306336559b75708d4a9 (patch) | |
| tree | 50492c76dd78b4989ed83a7e31a4029f3a4b7e46 | |
| parent | 2de07ddf809f3a6c528e3649a37601574defc6fa (diff) | |
| download | FreeBSD-src-aeaf48654b44a82de8184306336559b75708d4a9.zip FreeBSD-src-aeaf48654b44a82de8184306336559b75708d4a9.tar.gz | |
Return PAM_SERVICE_ERR rather than PAM_USER_UNKNOWN if getpwnam() fails, as
PAM_USER_UNKNOWN will break the chain, revealing to an attacker that the
user does not exist.
Sponsored by: DARPA, NAI Labs
| -rw-r--r-- | lib/libpam/modules/pam_opieaccess/pam_opieaccess.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libpam/modules/pam_opieaccess/pam_opieaccess.c b/lib/libpam/modules/pam_opieaccess/pam_opieaccess.c index 79e92ce..a2716f5 100644 --- a/lib/libpam/modules/pam_opieaccess/pam_opieaccess.c +++ b/lib/libpam/modules/pam_opieaccess/pam_opieaccess.c @@ -73,7 +73,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) pwent = getpwnam(luser); if (pwent == NULL) - PAM_RETURN(PAM_USER_UNKNOWN); + PAM_RETURN(PAM_SERVICE_ERR); if (opielookup(&opie, luser) != 0) PAM_RETURN(PAM_IGNORE); |
