Devrim SERAL wrote: > > Hi , > > Today i found some interesting bug when i tried to use pam_limits.so in > login pam configuration. > > Today one of my user warn me that when he log on the our Linux server he > gain > my rights. Firstly i think someone break our system. But when i checked > all logs > i didn't found any break sign. > > Then i think xinetd or in.telnetd have some bug. I checked all updates > from redhat and > found that we are on lastest patch level at all packets.. > > Next i have disable telnetd from xinetd to all Lan and only permit to > access from my IP number. And check all possibility. > > Finally i found that only student groups member gain console or pts/0 > rights.. > And i remember at weekend i have changed /etc/security/limits.conf for > limit our student > maxlogin count to two. > > Only i added below line to this file: > @student hard maxlogins 2 > > And also added below line to pam configuration of login: > session required pam_limits.so > > When i comment pam_limits.so related line the problem solved.. > > I wonder that if its related only for our server or pam module specific? > > devrim > > Note: The server run on Redhat 7.1 Kernel 2.4.10 and all packets at > lastest patch level.
