I have an (Open)LDAP Server running on a Debian system inside my LAN, and multiple systems running Linux Mint, configured as LDAP Clients.
Here is the content of my /etc/nsswitch.conf:
passwd: compat ldap
group: compat ldap
shadow: compat ldap
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: ldap
My question is: What happens if the LDAP Server introduces user collisions (uid/username)?
Can this be exploited to gain root access on the clients?
Is the LDAP Server the single-point-of-failure in this regard?
Can this be prevented?
I know I asked 4 questions, but all of them are on the same topic: "user collisions".
Thanks!
Best Answer
/etc/passwd
have the same UID, both can access the files of the other - effectively they are the same user.
sudo rights or something similar, the other user will have as well (as I said, they are effectively the same user).
/etc/passwd. Preventing this means to make sure you have no collisions before connecting to LDAP and afterwards, only add users to LDAP, not to local files (except for service accounts). This is your responsibility and the system does not protect you in this case.