MDEV-15473 Isolate/sandbox PAM modules, so that they can't crash the server.

New version of PAM plugin (v2.0) added along with the old v1.0. There the pam module is isolated in the auth_pam_tool application so cannot crash the server.
2025-08-08 11:22:35 +03:00 · 2018-07-03 15:49:34 +04:00
parent e61568ee93
commit efba0b1df5
16 changed files with 754 additions and 165 deletions
--- a/mysql-test/suite/plugins/r/pam.result
+++ b/mysql-test/suite/plugins/r/pam.result
@@ -20,6 +20,13 @@ Challenge input first.
 Enter: not very secret challenge
 Now, the magic number!
 PIN: ****
+#
+# athentication is unsuccessful
+#
+Challenge input first.
+Enter: crash pam module
+Now, the magic number!
+PIN: ***
 drop user test_pam;
 drop user pam_test;
 uninstall plugin pam;
--- a/mysql-test/suite/plugins/suite.pm
+++ b/mysql-test/suite/plugins/suite.pm
@@ -14,6 +14,8 @@ sub skip_combinations {
  my %skip;
  $skip{'t/pam.test'} = 'No pam setup for mtr'
             unless -e '/etc/pam.d/mariadb_mtr';
+  $skip{'t/pam_v1.test'} = 'No pam setup for mtr'
+             unless -e '/etc/pam.d/mariadb_mtr';
  $skip{'t/cassandra.test'} = 'Cassandra is not running'
             unless cassandra_running();
  $skip{'t/cassandra_qcache.test'} = $skip{'t/cassandra.test'};
--- a/mysql-test/suite/plugins/t/pam.test
+++ b/mysql-test/suite/plugins/t/pam.test
@@ -13,6 +13,12 @@ not very secret challenge
 select user(), current_user(), database();
 EOF

+--write_file $MYSQLTEST_VARDIR/tmp/pam_ugly.txt
+crash pam module
+666
+select user(), current_user(), database();
+EOF
+
 --echo #
 --echo # athentication is successful, challenge/pin are ok
 --echo # note that current_user() differs from user()
@@ -25,6 +31,12 @@ EOF
 --error 1
 --exec $MYSQL_TEST -u test_pam --plugin-dir=$plugindir < $MYSQLTEST_VARDIR/tmp/pam_bad.txt

+--echo #
+--echo # athentication is unsuccessful
+--echo #
+--error 1
+--exec $MYSQL_TEST -u test_pam --plugin-dir=$plugindir < $MYSQLTEST_VARDIR/tmp/pam_ugly.txt
+
 --remove_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
 --remove_file $MYSQLTEST_VARDIR/tmp/pam_bad.txt
 drop user test_pam;
--- a/mysql-test/suite/plugins/t/pam_init_v1.inc
+++ b/mysql-test/suite/plugins/t/pam_init_v1.inc
@@ -0,0 +1,14 @@
+
+--source include/not_embedded.inc
+
+if (!$AUTH_PAM_V1_SO) {
+  skip No pam auth plugin;
+}
+
+eval install plugin pam soname '$AUTH_PAM_V1_SO';
+create user test_pam identified via pam using 'mariadb_mtr';
+create user pam_test;
+grant proxy on pam_test to test_pam;
+
+let $plugindir=`SELECT @@global.plugin_dir`;
+
--- a/mysql-test/suite/plugins/t/pam_v1.test
+++ b/mysql-test/suite/plugins/t/pam_v1.test
@@ -0,0 +1,40 @@
+
+--source pam_init.inc
+
+--write_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
+not very secret challenge
+9225
+select user(), current_user(), database();
+EOF
+
+--write_file $MYSQLTEST_VARDIR/tmp/pam_bad.txt
+not very secret challenge
+9224
+select user(), current_user(), database();
+EOF
+
+--echo #
+--echo # athentication is successful, challenge/pin are ok
+--echo # note that current_user() differs from user()
+--echo #
+--exec $MYSQL_TEST -u test_pam --plugin-dir=$plugindir < $MYSQLTEST_VARDIR/tmp/pam_good.txt
+
+--echo #
+--echo # athentication is unsuccessful
+--echo #
+--error 1
+--exec $MYSQL_TEST -u test_pam --plugin-dir=$plugindir < $MYSQLTEST_VARDIR/tmp/pam_bad.txt
+
+--echo #
+--echo # pam module crashes
+--echo #
+--error 1
+--exec $MYSQL_TEST -u crash_pam_tool --plugin-dir=$plugindir < $MYSQLTEST_VARDIR/tmp/pam_good.txt
+
+--remove_file $MYSQLTEST_VARDIR/tmp/pam_good.txt
+--remove_file $MYSQLTEST_VARDIR/tmp/pam_bad.txt
+drop user test_pam;
+drop user pam_test;
+let $count_sessions= 1;
+--source include/wait_until_count_sessions.inc
+uninstall plugin pam;