[Pkg-shadow-commits] r288 - in trunk/debian: . patches

Nicolas FRANCOIS pkg-shadow-devel@lists.alioth.debian.org
Tue, 21 Jun 2005 23:24:02 +0000 

Author: nekral-guest
Date: 2005-06-21 23:24:01 +0000 (Tue, 21 Jun 2005)
New Revision: 288

Modified:
   trunk/debian/changelog
   trunk/debian/patches/008_su_ignore_SIGINT
Log:
Also ignore SIGQUIT to avoid an user to defeat the delay.


Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2005-06-21 23:22:54 UTC (rev 287)
+++ trunk/debian/changelog	2005-06-21 23:24:01 UTC (rev 288)
@@ -51,6 +51,10 @@
         before the call to exec.
       * If no command is provided, the arguments after the username are for
         the shell, no -c has to be appended.
+    - 008_su_ignore_SIGINT
+      * Also ignore SIGQUIT in su to avoid defeating the delay.
+        The gain in security is very minor.
+        Closes: #288827
   * Upstream bugs already fixed in upstream releases or CVS:
     - Corrected typos in chfn.1. Closes: #312428
     - Corrected typos in gshadow.5. Closes: #312429

Modified: trunk/debian/patches/008_su_ignore_SIGINT
===================================================================
--- trunk/debian/patches/008_su_ignore_SIGINT	2005-06-21 23:22:54 UTC (rev 287)
+++ trunk/debian/patches/008_su_ignore_SIGINT	2005-06-21 23:24:01 UTC (rev 288)
@@ -1,21 +1,33 @@
 Goal: Ignore SIGINT while authenticating. A ^C could defeat the waiting
       period and permit brute-force attacks.
-Fixes: 52372
+      Also ignore SIGQUIT.
+      
+Fixes: #52372 (SIGINT), #288827 (SIGQUIT)
 
 Status wrt upstream: It should be forwarded to upstream.
 
 Note: Even with a waiting period, a brute-force attack can be performed
-      by parralelizing attacks.  The gain in security is minor.
+      by parralelizing attacks (or sending a KILL signal).
+      The gain in security is minor.
 
 Index: shadow-4.0.3/src/su.c
 ===================================================================
---- shadow-4.0.3.orig/src/su.c	2005-05-30 22:57:55.776974000 +0200
-+++ shadow-4.0.3/src/su.c	2005-05-30 22:58:36.326974000 +0200
-@@ -538,6 +538,7 @@
+--- shadow-4.0.3.orig/src/su.c	2005-06-21 23:26:13.808723000 +0200
++++ shadow-4.0.3/src/su.c	2005-06-21 23:27:58.518723000 +0200
+@@ -538,6 +538,8 @@
  	if (shell == 0)
  		shell = (char *) strdup (pwent.pw_shell);
  
 +	signal(SIGINT, SIG_IGN);
++	signal(SIGQUIT, SIG_IGN);
  #ifdef USE_PAM
  	ret = pam_authenticate (pamh, 0);
  	if (ret != PAM_SUCCESS) {
+@@ -629,6 +631,7 @@
+ #endif				/* !USE_PAM */
+ 
+ 	signal (SIGINT, SIG_DFL);
++	signal (SIGQUIT, SIG_DFL);
+ 	cp = getdef_str ((pwent.pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
+ #if 0
+ 	addenv (cp ? cp : "PATH=/bin:/usr/bin", NULL);