[Bug 2408] Expose authentication information to PAM
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Thu Apr 14 21:36:24 AEST 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2408
Jakub Jelen <jjelen at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jjelen at redhat.com
--- Comment #5 from Jakub Jelen <jjelen at redhat.com> ---
This seems to be a reasonable way to communicate authentication details
with PAM and missing piece in the troublesome two factor authentication
in SSH. I didn't find any problem with this patch.
The only thought coming to my mind is possible disclosure of user data
to running application(s). I would also consider adding some knob to
turn this export off (ExportUserauthEnvironment ?) and turn it off by
default. Still, using 2FA is not too common in SSH deployment.
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list