[Bug 1945] New: Only 1 of the 2 krb cache files is removed on closing the ssh connection with UsePrivilegeSeparation=yes
bugzilla-daemon at bugzilla.mindrot.org
Thu Oct 20 19:55:37 EST 2011
https://bugzilla.mindrot.org/show_bug.cgi?id=1945
Bug #: 1945
Summary: Only 1 of the 2 krb cache files is removed on closing
the ssh connection with UsePrivilegeSeparation=yes
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: HP-UX
Status: NEW
Severity: normal
Priority: P2
Component: PAM support
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: balu9463 at gmail.com
This is my first bug report; please correct me if necessary.
For a non-root user, when ChallengeResponse is used with PAM_Kerberos
and UsePrivilegeSeparation=yes, sshd creates two
credential files in /tmp, and at the end of the session only one
is removed.
$ ssh system1
.
.
$ ps -ef | grep ssh
root 170 1 0 14:01:58 ? 0:00 /opt/ssh/sbin/sshd
test 245 243 0 14:03:41 ? 0:00 sshd: test@pts/0
test 242 225 0 14:03:39 pts/tb 0:00 ssh system1
root 243 170 0 14:03:39 ? 0:02 sshd: test [priv]
$ ll /tmp/krb5cc*
-rw------- 1 test users 416 Oct 20 14:03 /tmp/krb5cc_170_243
-rw------- 1 test users 416 Oct 20 14:03 /tmp/krb5cc_243_245
Env KRB5CCNAME is set to
KRB5CCNAME=FILE:/tmp/krb5cc_243_245
On closing the session, the cache file corresponding to the nonpriv
process is not removed.
$ ll /tmp/krb5cc*
-rw------- 1 test users 416 Oct 20 14:03 /tmp/krb5cc_243_245
I have tested this on HP-UX but believe the behaviour is the same on
other OSes as well.
A probable fix is to change the condition in
sshpam_cleanup(void) in auth-pam.c:
< if (sshpam_handle == NULL || (use_privsep && !mm_is_monitor()))
---
> if (sshpam_handle == NULL && (use_privsep && !mm_is_monitor()))
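Review bot: replacing `||` with `&&` in the changed condition also removes the stand-alone `sshpam_handle == NULL` test, so the `if` body is no longer taken when the handle is NULL in the monitor or when `use_privsep` is off. If that body is the early return out of sshpam_cleanup(), the rest of the cleanup would then run with a NULL handle. Suggest keeping `if (sshpam_handle == NULL)` as its own unconditional guard and changing only the `use_privsep && !mm_is_monitor()` part, with a comment stating which process is expected to remove which cache file.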