Ticket 6184

Summary: pam_slurm_adopt: security fixes and hardening
Product: Slurm Reporter: Matthias Gerstner <matthias.gerstner>
Component: OtherAssignee: Danny Auble <da>
Status: RESOLVED FIXED QA Contact:
Severity: C - Contributions    
Priority: ---    
Version: 19.05.x   
Hardware: Linux   
OS: Linux   
Site: -Other- Alineos Sites: ---
Atos/Eviden Sites: --- Confidential Site: ---
Coreweave sites: --- Cray Sites: ---
DS9 clusters: --- HPCnow Sites: ---
HPE Sites: --- IBM Sites: ---
NOAA SIte: --- OCF Sites: ---
Recursion Pharma Sites: --- SFW Sites: ---
SNIC sites: --- Linux Distro: ---
Machine Name: CLE Version:
Version Fixed: 19.05.0pre2 Target Release: ---
DevPrio: --- Emory-Cloud Sites: ---
Attachments: Limit pam_slurm_adopt to the sshd PAM application
avoid copying undefined stack data
check against uid not username

Description Matthias Gerstner 2018-12-06 02:36:34 MST 
Resulting from a security audit of the pam_slurm_adopt module for inclusion in SUSE distributions here are a couple of patches that either fix small bugs or harden the security of the module.

Please see the individual patches for detailed information.
Comment 1 Matthias Gerstner 2018-12-06 02:37:33 MST 
Created attachment 8544 [details]
Limit pam_slurm_adopt to the sshd PAM application
Comment 2 Matthias Gerstner 2018-12-06 02:37:56 MST 
Created attachment 8545 [details]
avoid copying undefined stack data
Comment 3 Matthias Gerstner 2018-12-06 02:38:24 MST 
Created attachment 8546 [details]
check against uid not username
Comment 4 Danny Auble 2018-12-07 14:44:43 MST 
Thanks Matthias, these will be in 19.05

commits

4f954bd88d758
70c1e7cd4264f
17c63947303f5