saslauthd SASL_IPREMOTEPORT -> PAM_RHOST
Amir 'CG' Caspi
cepheid at 3phase.com
Sun May 22 15:20:37 EDT 2011
Lorenzo,
Also, does your patch pass the requested login name to
saslauthd? I didn't see that it did. That would also be a great
inclusion, so we could exclude dictionary attacks from potentially
legitimate users. Certainly not as crucial as the remote IP, though.
I've updated my RHEL bug to include a link to your patch - hopefully
we can get it included upstream (especially if one of them applies
cleanly to 2.1.22).
Thanks!
--- Amir
At 4:00 PM +0200 05/22/2011, Lorenzo Catucci wrote:
>Since I've seen some other people requesting the functionality [*], I think
>someone could like getting a courtesy copy of a bugzilla entry I've just
>filed on bugzilla.cyrusimap.org:
>
>http://bugzilla.cyrusimap.org/bugzilla3/show_bug.cgi?id=3468
>
>I'm attaching both a 2.1.23 and a 2.1.24 version of the patch, since
>there is a merge conflict between the former and 2.1.24 sources.
>
>I'd be grateful about any comment - review - test which could help
>with upstreaming my patch.
>
>Please keep in mind that I'm unable to test on a Solaris box; therefore,
>the ipc_doors changes should be treated as VERY SUSPECT; still, I
>think they make sense, and would be twice as grateful to any Solaris
>tester...
>
>Thank you very much, yours
>
> lorenzo
>
>[*] In particular, a Google search led to the following pages:
>
>http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/2011-March/002218.html
> "saslauthd/PAM IP logging on failure" - 2011-03-26
>
>https://bugzilla.redhat.com/show_bug.cgi?id=683797
> "saslauthd using pam does not log rhost (remote host) IP/hostname
> or requested login in /var/log/secure" - 2011-03-10
>
>http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/2010-July/002108.html
> "PAM authentication - Remote host" - 2010-07-13
>
>http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/2010-May/002085.html
> "remote client ip" - 2010-05-24
>
>
>Attachment converted: Macintosh HD:saslauthd_pam_rhost#51C173.diff
>(TEXT/ttxt) (0051C173)
>Attachment converted: Macintosh HD:saslauthd_pam_rhost_2.1.23.diff
>(TEXT/ttxt) (0051C174)