[PATCH] PAM chauthtok + Privsep
Kevin Steves
stevesk at pobox.com
Thu Jan 2 12:56:07 EST 2003
On Sat, Dec 21, 2002 at 11:11:04PM +1100, Darren Tucker wrote:
> Index: session.c
> ===================================================================
> RCS file: /cvs/openssh/session.c,v
> retrieving revision 1.222
> diff -u -r1.222 session.c
> --- session.c 26 Sep 2002 00:38:50 -0000 1.222
> +++ session.c 21 Dec 2002 11:39:07 -0000
> @@ -454,7 +454,6 @@
> session_proctitle(s);
>
> #if defined(USE_PAM)
> - do_pam_session(s->pw->pw_name, NULL);
> do_pam_setcred(1);
> if (is_pam_password_change_required())
> packet_disconnect("Password change required but no "
> if (check_quietlogin(s, command))
> return;
> @@ -1238,6 +1242,12 @@
> * Reestablish them here.
> */
> do_pam_setcred(0);
> +
> + /*
> + * We need to open the session here because PAM on HP-UX does not
> + * work after the call to permanently_set_uid.
> + */
> + do_pam_session(pw->pw_name,NULL);
> # endif /* USE_PAM */
> # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
> irix_setusercontext(pw);
this should be separated out as it's addressing a different problem:
running session modules as root.
i think we have agreement that a system service like sshd really needs
to run PAM modules as root, since there is no mechanism in the API for
a module to indicate privilege requirements to a consumer, or a
mechanism for a consumer to determine the highest privilege required of
all configured service modules.
on hp-ux, in the trusted case, the pam_unix session module needs root
because it wants to write in /tcb.
so, we want to do this, but i am not sure this is the "correct" way to
do this. i'm not saying it's wrong, i want to make sure it is
correct. we want to be very careful moving this stuff around.
More information about the openssh-unix-dev
mailing list