[Bug 2549] [PATCH] Allow PAM conversation for pam_setcred for keyboard-interactive authentication

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Mar 8 20:57:25 AEDT 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2549

--- Comment #2 from Tomas Kuthan <tomas.kuthan at oracle.com> ---
I should have noted the following to the proposed patch above:

Although the patch applies, builds and runs standalone, it has an
implicit dependency on fix for #2548. Without that fix, it only makes
the issue described in #2548 worse: on top of pam_authenticate,
pam_acct_mgmt and pam_chautok it would add pam_setcred too into the
separate address space of the auxiliary PAM process. That would cause
some substantive implications, such as invalid audit context and
damaged audit records.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list