[Bug 926] pam_session_close called as user or not at all
bugzilla-daemon
bugzilla-daemon
Sat Aug 5 01:19:00 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=926
------- Comment #21 from t8m at centrum.cz 2006-08-05 01:18 -------
The patch causes a regression with pam_krb5 module.
See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=201341
As I said above I think that the only correct solution which would
solve all cases (privsep yes/no, root/regular user) would be to add
another fork before the setuid calls and shell process exec.
login does this:
1. call pam_open_session
2. fork
3. parent waits for child, child impersonates user, execs shell
4. when child exits, parent calls pam_close_session
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list