Ticket 6184 - pam_slurm_adopt: security fixes and hardening
Summary: pam_slurm_adopt: security fixes and hardening
Status: RESOLVED FIXED
Alias: None
Product: Slurm
Classification: Unclassified
Component: Other (show other tickets)
Version: 19.05.x
Hardware: Linux Linux
: C - Contributions
Assignee: Danny Auble
QA Contact:
URL:
Depends on:
Blocks:
 
Reported: 2018-12-06 02:36 MST by Matthias Gerstner
Modified: 2018-12-07 14:44 MST (History)
0 users

See Also:
Site: -Other-
Slinky Site: ---
Alineos Sites: ---
Atos/Eviden Sites: ---
Confidential Site: ---
Coreweave sites: ---
Cray Sites: ---
DS9 clusters: ---
Google sites: ---
HPCnow Sites: ---
HPE Sites: ---
IBM Sites: ---
NOAA SIte: ---
NoveTech Sites: ---
Nvidia HWinf-CS Sites: ---
OCF Sites: ---
Recursion Pharma Sites: ---
SFW Sites: ---
SNIC sites: ---
Tzag Elita Sites: ---
Linux Distro: ---
Machine Name:
CLE Version:
Version Fixed: 19.05.0pre2
Target Release: ---
DevPrio: ---
Emory-Cloud Sites: ---

Attachments
Limit pam_slurm_adopt to the sshd PAM application (5.54 KB, patch)
2018-12-06 02:37 MST, Matthias Gerstner 		Details | Diff
avoid copying undefined stack data (1.02 KB, patch)
2018-12-06 02:37 MST, Matthias Gerstner 		Details | Diff
check against uid not username (1.92 KB, patch)
2018-12-06 02:38 MST, Matthias Gerstner 		Details | Diff
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this ticket.
Description Matthias Gerstner 2018-12-06 02:36:34 MST 
Resulting from a security audit of the pam_slurm_adopt module for inclusion in SUSE distributions here are a couple of patches that either fix small bugs or harden the security of the module.

Please see the individual patches for detailed information.
Comment 1 Matthias Gerstner 2018-12-06 02:37:33 MST 
Created attachment 8544 [details]
Limit pam_slurm_adopt to the sshd PAM application
Comment 2 Matthias Gerstner 2018-12-06 02:37:56 MST 
Created attachment 8545 [details]
avoid copying undefined stack data
Comment 3 Matthias Gerstner 2018-12-06 02:38:24 MST 
Created attachment 8546 [details]
check against uid not username
Comment 4 Danny Auble 2018-12-07 14:44:43 MST 
Thanks Matthias, these will be in 19.05

commits

4f954bd88d758
70c1e7cd4264f
17c63947303f5