[Bug 1322] pam_end() is not called if authentication fails, which breaks pam-abl
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Mon Jun 18 10:07:57 EST 2007
http://bugzilla.mindrot.org/show_bug.cgi?id=1322
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
--- Comment #2 from Damien Miller <djm at mindrot.org> 2007-06-18 10:07:54 ---
DO NOT apply the patch in the Debian bug. It will expose your system to
the signal handler vulnerability fixed in openssh-4.4
This is the "difficult to fix" SIGALRM handler. We could make
sshpam_cleanup() fire if do_cleanup was not called in signal context,
but that would just open a different workaround for password guessers:
make max_auth_tries-1 guesses and keep the connection open until it
times out.
--
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list