[kcheckpass] Drop the throttle handling code
Closed, Public

Authored by graesslin on Feb 24 2017, 5:59 AM.

Details

Summary

Kcheckpass has code to throttle the invocation to prevent brute-force
attacks. This code has been broken for years and is never executed.

The condition to go into the throttle path is if the effective uid
doesn't match the uid, that is kcheckpass is a setuid application.
But for a few years now kcheckpass is no longer setuid (at least
when built with PAM).

Given that, I don't think it makes sense to still have this code
around. We don't know whether it works and kcheckpass is only to be
invoked from kscreenlocker_greet anyway.

Diff Detail

Repository: R133 KScreenLocker
Branch: kcheckpass-no-throttle
Lint: No Linters Available
Unit: No Unit Test Coverage
graesslin created this revision. Feb 24 2017, 5:59 AM
Restricted Application added a project: Plasma. Feb 24 2017, 5:59 AM
Restricted Application added a subscriber: plasma-devel.
mart accepted this revision. Feb 24 2017, 10:25 AM
mart added a subscriber: mart.

Is the setuid non-PAM case still supported/buildable at all? (I guess Slackware/BSD?)

This revision is now accepted and ready to land. Feb 24 2017, 10:25 AM
This revision was automatically updated to reflect the committed changes.

Is the setuid non-PAM case still supported/buildable at all?

I assume it still works, otherwise we would hopefully have got reports about it not working.

Nevertheless, as I am cleaning up that old code, I will ask on the distro mailing list which backends are still used and remove everything for which nobody yells "I need it" in a month or so.