oath-toolkit: privilege escalation in pam_oath.so (SUSE Security Team Blog)
Date:
Fri, 04 Oct 2024 15:28:07 +0000
Description:
The SUSE Security Team Blog has a detailed
report on its discovery of a privilege escalation in the oath-toolkit,
which provides libraries and utilities for managing one-time password
(OTP) authentication. Fellow SUSE engineer Fabian Vogt approached our
Security Team about
the project's PAM module. A couple of years ago, the module gained a
feature which allows the OTP state file (called usersfile) to be placed in
the home directory of the to-be-authenticated user. Fabian noticed
that the PAM module performs unsafe file operations in users' home
directories. Since PAM stacks typically run as root, this can easily
cause security issues.
======================================================================
Link to news story:
https://lwn.net/Articles/992948/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)