Hi List,

I am using the libnss-ldap and libpam-ldap packages with default configuration.

NSS is configured to allow passwd and group resolution over ldap.

user@host:~$ cat /etc/nsswitch.conf
passwd:         compat ldap
group:          compat ldap
shadow:         compat ldap

If a user account exists in local /etc/passwd and in the ldap database, the user can authenticate with both passwords, but is always logged in as the local user.

It seems to me that nss should resolve the correct uid.

I can create a ldap account named 'root', with a weak password and uid 12345, then su - on the system and log in as root with the weak password, and get uid 0.

It's not Debian related, but I would like to know if this is a misconfiguration.

Any advice?

Regards,
Yann
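
[Added example, not part of the original post.] An audit for the condition described above: account names that exist both in the local passwd file and in LDAP, where NSS resolves the local uid while PAM may accept the LDAP password. The sample data, function names and the 999 system-uid cutoff are assumptions; on a live host the LDAP side could be taken from `getent -s ldap passwd`.

```python
# Constructed sample data in passwd(5) format; not taken from a real system.
LOCAL_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
+::::::
"""
LDAP_PASSWD = """\
root:x:12345:12345:ldap root:/home/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:2001:2001:Bob:/home/bob:/bin/bash
"""


def parse_passwd(text):
    """Return {name: uid}, skipping comments, compat +/- lines and bad rows."""
    accounts = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 7 or not fields[0] or fields[0][0] in "+-#":
            continue
        if not fields[2].isdigit():
            continue
        # Keep the first entry for a name, as an NSS lookup would.
        accounts.setdefault(fields[0], int(fields[2]))
    return accounts


def find_collisions(local_text, ldap_text, system_uid_max=999):
    """List (severity, name, local_uid, ldap_uid) for names present in both."""
    local, ldap = parse_passwd(local_text), parse_passwd(ldap_text)
    findings = []
    for name in sorted(local.keys() & ldap.keys()):
        local_uid, ldap_uid = local[name], ldap[name]
        if local_uid == 0:
            severity = "critical"   # LDAP password could open a uid 0 session
        elif local_uid <= system_uid_max:
            severity = "high"       # shadows a local system account
        elif local_uid != ldap_uid:
            severity = "medium"     # same name, different identity
        else:
            severity = "info"       # duplicate, but uids agree
        findings.append((severity, name, local_uid, ldap_uid))
    return findings


if __name__ == "__main__":
    for severity, name, local_uid, ldap_uid in find_collisions(LOCAL_PASSWD, LDAP_PASSWD):
        print(f"{severity:8} {name}: local uid {local_uid}, ldap uid {ldap_uid}")
```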

