Hello,
I was testing Duo on AlmaLinux9 (RHEL 9 derivative) and found an issue with the Duo RPM registry. After getting some help from the AlmaLinux community, I found out that AlmaLinux9 (and presumably other RHEL9 derivatives) have disabled SHA1 signa...
Just a follow-up note, we found that in some cases, you might need read & exec for a NACM rule. Why? Not really sure, but it seemed to fix our problem.
group [ foo ];
rule action {
    path /ncs:services/foo:foo;
    access-operations rea...
@Qi Li I opened this issue for the shell example: https://github.com/NSO-developer/nso-sso-duo-integration---native/issues/1 However, I could not find the Python code in the NSO-developer GitHub repository.
Doesn't this string interpolation open the system up to shell command injection?
output = subprocess.Popen(['/bin/bash', '-c', f'/usr/sbin/login_duo -d -f {args["user"]} echo ""'], stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()[1].decod...
By default it runs as the current user, and if you use something like RADIUS to provide groups when the user logs in, then NSO will have no clue what groups you're in and you'll wind up with this. The fix we (NOW) use is to look at a hidden leaf in the ...