Subj : oath-toolkit: privilege escalation in pam_oath.so (SUSE Security Team
To   : All
From : LWN.net
Date : Fri Oct 04 2024 16:30:05

oath-toolkit: privilege escalation in pam_oath.so (SUSE Security Team Blog)
Date: Fri, 04 Oct 2024 15:28:07 +0000

Description:

The SUSE Security Team Blog has a detailed report on its discovery of a privilege escalation in the oath-toolkit, which provides libraries and utilities for managing one-time password (OTP) authentication.

> Fellow SUSE engineer Fabian Vogt approached our Security Team about the project's PAM module. A couple of years ago, the module gained a feature which allows placing the OTP state file (called usersfile) in the home directory of the to-be-authenticated user. Fabian noticed that the PAM module performs unsafe file operations in users' home directories. Since PAM stacks typically run as root, this can easily cause security issues.

======================================================================
Link to news story: https://lwn.net/Articles/992948/

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)
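The summary above names the bug class but not the specific operations involved, so the following is an added, generic illustration and not code from oath-toolkit, the SUSE blog, or LWN, nor a reconstruction of the reported bug: a root-running module opening a state file under a user's home directory as the user laid it out, next to one way of hardening that open (O_NOFOLLOW on the directory and the file, then ownership, type, link-count and mode checks on the descriptor). The function names, the fixture directory under /tmp, the file name "users" and the sample usersfile line are all assumptions made for this example.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Risky pattern (illustrative, not oath-toolkit's code): root opens a path
 * under $HOME as the user laid it out; a symlink there sends root elsewhere. */
static int open_state_file_naive(const char *path)
{
    return open(path, O_RDWR);
}

/* Hardened variant: open the directory with O_NOFOLLOW, confirm the user owns
 * it, openat() one path component with O_NOFOLLOW, then verify on the
 * descriptor (fstat, not a separate stat on the path, so no check-then-use
 * window) that it is a regular, user-owned, single-link file not writable by
 * others. `dir` must come from trusted data (e.g. the passwd entry), not from
 * the user; symlinks in its intermediate components are not detected here. */
static int open_state_file_checked(const char *dir, const char *name, uid_t owner)
{
    struct stat st;
    if (strchr(name, '/') != NULL) { errno = EINVAL; return -1; } /* "../x", "a/b" */
    int dfd = open(dir, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (dfd < 0) return -1;
    if (fstat(dfd, &st) != 0) { close(dfd); return -1; }
    if (st.st_uid != owner) { close(dfd); errno = EPERM; return -1; }
    int fd = openat(dfd, name, O_RDWR | O_NOFOLLOW | O_CLOEXEC);
    int saved = errno;                        /* close() may clobber errno */
    close(dfd);
    errno = saved;
    if (fd < 0) return -1;                    /* ELOOP if `name` is a symlink */
    if (fstat(fd, &st) != 0) { close(fd); return -1; }
    if (!S_ISREG(st.st_mode) || st.st_uid != owner || st.st_nlink != 1 ||
        (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
        close(fd); errno = EPERM; return -1;
    }
    return fd;
}

/* Constructed fixture standing in for a home directory: a regular state file
 * holding one made-up usersfile line, plus a symlink "link" pointing at it. */
static int make_fixture(char *dir, size_t dirlen)
{
    char tmpl[] = "/tmp/oath-demo-XXXXXX", path[512];
    if (mkdtemp(tmpl) == NULL || strlen(tmpl) >= dirlen)
        return -1;
    strcpy(dir, tmpl);
    snprintf(path, sizeof path, "%s/users", dir);
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    const char line[] = "HOTP alice - 3132333435363738393031323334353637383930\n";
    ssize_t n = write(fd, line, sizeof line - 1);
    close(fd);
    snprintf(path, sizeof path, "%s/link", dir);
    return (n == (ssize_t)(sizeof line - 1) && symlink("users", path) == 0) ? 0 : -1;
}

/* Run both variants against the fixture; returns how many of the six
 * expectations hold (6 means the hardened open behaves as intended). */
int run_checks(void)
{
    char dir[256], p1[512], p2[512];
    int ok = 0, fd;
    uid_t me = getuid();
    if (make_fixture(dir, sizeof dir) != 0)
        return -1;
    snprintf(p1, sizeof p1, "%s/link", dir);
    snprintf(p2, sizeof p2, "%s/users", dir);
    /* 1. the naive open follows the symlink without complaint */
    if ((fd = open_state_file_naive(p1)) >= 0) { ok++; close(fd); }
    /* 2. the hardened open accepts the genuine file */
    if ((fd = open_state_file_checked(dir, "users", me)) >= 0) { ok++; close(fd); }
    /* 3. ...refuses the symlink (ELOOP from O_NOFOLLOW) */
    if (open_state_file_checked(dir, "link", me) == -1 && errno == ELOOP) ok++;
    /* 4. ...refuses when the directory is not owned by the expected user */
    if (open_state_file_checked(dir, "users", me + 1) == -1 && errno == EPERM) ok++;
    /* 5. ...refuses a name that walks out of the directory */
    if (open_state_file_checked(dir, "../users", me) == -1 && errno == EINVAL) ok++;
    /* 6. ...refuses a file that has been hard-linked from elsewhere (nlink 2) */
    snprintf(p1, sizeof p1, "%s/alias", dir);
    if (link(p2, p1) == 0 &&
        open_state_file_checked(dir, "users", me) == -1 && errno == EPERM) ok++;
    return ok;
}

int main(void)
{
    printf("checks passed: %d of 6\n", run_checks());
    return 0;
}
```

The descriptor checks are the minimum; a module can instead switch its effective uid/gid to the user (and back) around every access to the usersfile, so a symlink or hard link only ever gains what the user already has. Whichever is chosen, the same care applies to any temporary or backup file the module writes next to the state file, since an unsafe rename or chown there reopens the hole.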