pam session as root
Michael Stone
mstone at cs.loyola.edu
Thu Jun 27 08:58:52 EST 2002
Beyond any more general questions of whether pam sessions *should* be
run as root, is there an immediate security concern with moving the
pam_open_session (and pam_setcred) stuff to the parent (root) process?
(E.g., via the patch below.)
--
Mike Stone
diff -u -r1.4 auth-pam.c
--- auth-pam.c 25 Jun 2002 00:45:33 -0000 1.4
+++ auth-pam.c 25 Jun 2002 20:33:41 -0000
@@ -286,6 +286,8 @@
pam_retval, PAM_STRERROR(__pamh,
pam_retval));
}
+ if (session_opened)
+ return; /*Be idempotent so we can be called in monitor and
child*/
pam_retval = pam_open_session(__pamh, 0);
if (pam_retval != PAM_SUCCESS)
fatal("PAM session setup failed[%d]: %.200s",
@@ -304,6 +306,8 @@
do_pam_set_conv(&conv);
+ if (init&&creds_set)
+ return; /*be idempotent so we can be called in monitor and
child*/
debug("PAM establishing creds");
pam_retval = pam_setcred(__pamh,
init ? PAM_ESTABLISH_CRED : PAM_REINITIALIZE_CRED);
diff -u -r1.1.1.1 monitor.c
--- monitor.c 24 Jun 2002 23:29:52 -0000 1.1.1.1
+++ monitor.c 25 Jun 2002 20:33:41 -0000
@@ -278,6 +278,8 @@
#ifdef USE_PAM
if (!do_pam_account(authctxt->pw->pw_name,
NULL))
authenticated = 0;
+ do_pam_session(authctxt->pw->pw_name, NULL);
+ do_pam_setcred(1);
#endif
}
More information about the openssh-unix-dev
mailing list