!17 修复问题:已经过期的账户持有凭证仍然能登录

From: @liubuguiii Reviewed-by: @tangjie02 Signed-off-by: @tangjie02
2022-11-14 12:59:38 +00:00 · 2022-11-14 12:59:38 +00:00 · 0e4f0e875d
commit 0e4f0e875d
parent 847b3ce0a8 376416da9b
2 changed files with 45 additions and 2 deletions
--- a/0001-fix-CVE-PAM-authorization-bypass-due-to-incorrect-us.patch
+++ b/0001-fix-CVE-PAM-authorization-bypass-due-to-incorrect-us.patch
@ -0,0 +1,40 @@
+From 308c40306db937dda0ed99c7a426c7730c3d326c Mon Sep 17 00:00:00 2001
+From: liuxinhao <liuxinhao@kylinsec.com.cn>
+Date: Mon, 14 Nov 2022 16:50:36 +0800
+Subject: [PATCH] fix(CVE): PAM authorization bypass due to incorrect usage
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+- 修复问题: 已经过期的账户持有凭证仍然能登录
+---
+ libexec/session-guard-checkpass/main.cpp | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/libexec/session-guard-checkpass/main.cpp b/libexec/session-guard-checkpass/main.cpp
+index e667bde..4606411 100644
+--- a/libexec/session-guard-checkpass/main.cpp
+++ b/libexec/session-guard-checkpass/main.cpp
+@@ -203,7 +203,6 @@ int main(int argc, char *argv[])
+ 
+     int authRes = PAM_SUCCESS;
+     authRes = pam_authenticate(pamh, 0);
+-
+     const char *newUserName;
+     if (pam_get_item(pamh, PAM_USER, (const void **)&newUserName) != PAM_SUCCESS)
+     {
+@@ -211,6 +210,11 @@ int main(int argc, char *argv[])
+         return EXIT_FAILURE;
+     }
+ 
+    if( authRes == PAM_SUCCESS )
+    {
+        authRes = pam_acct_mgmt(pamh, 0);
+    }
+
+     const char *authResultString = pam_strerror(pamh, authRes);
+     CompleteEvent event(true, authRes == PAM_SUCCESS, QString(authResultString));
+     kiran_pam_message_send_event(CHANNEL_WRITE, &event);
+-- 
+2.33.0
+
--- a/kiran-session-guard.spec
+++ b/kiran-session-guard.spec
@ -1,12 +1,12 @@
 Name: kiran-session-guard
 Version: 2.4.0
-Release: 1
+Release: 2
 Summary: Kiran desktop environment login and lock screen dialog
 Summary(zh_CN): Kiran桌面环境登录和解锁框

 License: MulanPSL-2.0
 Source0: %{name}-%{version}.tar.gz
-
+Patch01: 0001-fix-CVE-PAM-authorization-bypass-due-to-incorrect-us.patch

 %define SHOW_VIRTUAL_KEYBOARD 0

@ -134,6 +134,9 @@ gtk-update-icon-cache -f /usr/share/icons/hicolor/
 rm -rf %{buildroot}

 %changelog
+* Mon Nov 14 2022 liuxinhao <liuxinhao@kylinsec.com.cn> - 2.4.0-2
+- KYOS-F: fix PAM authorization bypass due to incorrect usage
+
 * Fri Nov 04 2022 liuxinhao <liuxinhao@kylinsec.com.cn> - 2.4.0-1
 - KYOS-F: release 2.4, kiran-control-panel greeter plugin support color block