Environment set on PAM module is not visible to user
Jose A. Rodriguez
jose.rodriguez at ac.upc.es
Thu Oct 30 02:22:56 EST 2003
> We're using an internal PAM module (Linux) that sets a few environment
> variables using pam_putenv (on pam_sm_authenticate). In version 3.6.1p1i
> such variables are visible to the user (as expected), but since 3.7p1
> they are not...
I found the cause for this behaviour: since 3.7.1p2 the PAM
authentication is done using a thread. If not compiled with
POSIX thread support, then OpenSSH emulates threads using processes.
This emulation is not perfect and as I reported, the environment
updated by the PAM module is lost (there is no code to copy the
environment from the child/emulated thread). Using POSIX threads
everything works as expected.
I consider this behaviour as a bug, but that's only an opinion. :-)
Jose
____________________________________________________________________________
Jose A. Rodriguez OOO Universitat Politecnica de Catalunya (UPC)
josear at ac.upc.es OOO Departament d'Arquitectura de Computadors
Tel. 16990 OOO -*- LCAC -*-
UPC
More information about the openssh-unix-dev
mailing list