vtysh: Account validity should be verified when authenticating users with PAM. - matthieu/frr.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	rgirada <rgirada@vmware.com>	2022-06-23 07:37:28 -0700
committer	rgirada <rgirada@vmware.com>	2022-06-23 11:15:47 -0700
commit	264a2a273fd1bf6543cef6bccf9019d09249b1a1 (patch)
tree	a6051e3187cff5950631ff68c3a1fb2040f0cfb6 /zebra/kernel_netlink.c
parent	8a8fd10a47c944f469f21e0aeb636f843685b891 (diff)

vtysh: Account validity should be verified when authenticating users with PAM.

Description: SonarQube detects the following behaviour as a vulanarability. When authenticating users using PAM, it is strongly recommended to check the validity of the account (not locked, not expired ...), otherwise it leads to unauthorized access to resources. pam_acct_mgmt() should be called for account validity after calling pam_authenticate(). Signed-off-by: Rajesh Girada <rgirada@vmware.com>

Diffstat (limited to 'zebra/kernel_netlink.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: