git.puffer.fish Git - matthieu/frr.git/commit

]> git.puffer.fish Git - matthieu/frr.git/commit

author	rgirada <rgirada@vmware.com>
	Thu, 23 Jun 2022 14:37:28 +0000 (07:37 -0700)
committer	rgirada <rgirada@vmware.com>
	Thu, 23 Jun 2022 18:15:47 +0000 (11:15 -0700)
commit	264a2a273fd1bf6543cef6bccf9019d09249b1a1
tree	a6051e3187cff5950631ff68c3a1fb2040f0cfb6	tree \| snapshot
parent	8a8fd10a47c944f469f21e0aeb636f843685b891	commit \| diff

vtysh: Account validity should be verified when authenticating users with PAM.

Description:
SonarQube detects the following behaviour as a vulanarability.
When authenticating users using PAM, it is strongly recommended to
check the validity of the account (not locked, not expired ...),
otherwise it leads to unauthorized access to resources.

pam_acct_mgmt() should be called for account validity after
calling pam_authenticate().

Signed-off-by: Rajesh Girada <rgirada@vmware.com>

vtysh/vtysh_user.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom