No TTY prealloc; Tru64 can't do post-auth privsep

Ben Lindstrom mouring at etoh.eviladmin.org
Fri Jun 28 10:01:12 EST 2002


can I get the manpages for the sia_*() functions used?

- Ben

On Thu, 27 Jun 2002, Chris Adams wrote:

> Well, after digging around and thinking some more, I'm giving up on the
> idea of preallocating a TTY to get post-auth privsep working on Tru64.
> I don't think it will work, because just allocating a TTY doesn't fix
> the problem - there's no valid way to tie that TTY back to the client
> process (because it hasn't requested a TTY yet and may not ever do so).
> The problem is that the Tru64 session setup routines may require a TTY
> for interaction with the client (changing expired passwords for example)
> or for notifying the client that the account is locked, expired, etc.
> The interactive cases obviously don't work on non-TTY logins right now,
> but I don't want to break them for the TTY cases too where they
> currently work.
>
> Just add Tru64 to the set of platforms that can't do post-auth privsep
> (I still don't think it should be flagged as BROKEN_FD_PASSING because
> FD passing does work on Tru64, but whatever).
> --
> Chris Adams <cmadams at hiwaay.net>
> Systems and Network Administrator - HiWAAY Internet Services
> I don't speak for anybody but myself - that's enough trouble.
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>




More information about the openssh-unix-dev mailing list