Environment set on PAM module is not visible to user

Jose A. Rodriguez jose.rodriguez at ac.upc.es
Thu Oct 30 02:22:56 EST 2003

>	We're using an internal PAM module (Linux) that sets a few environment
>	variables using pam_putenv (on pam_sm_authenticate). In version 3.6.1p1i
>	such variables are visible to the user (as expected), but since 3.7p1
>	they are not...

	I found the cause for this behaviour: since 3.7.1p2 the PAM
	authentication is done using a thread. If not compiled with
	POSIX thread support, then OpenSSH emulates threads using processes.
	This emulation is not perfect and as I reported, the environment
	updated by the PAM module is lost (there is no code to copy the
	environment from the child/emulated thread). Using POSIX threads 
	everything works as expected.

	I consider this behaviour as a bug, but that's only an opinion. :-)

Jose A. Rodriguez            OOO  Universitat Politecnica de Catalunya (UPC)
josear at ac.upc.es             OOO  Departament d'Arquitectura de Computadors
Tel. 16990                   OOO                 -*- LCAC -*- 

More information about the openssh-unix-dev mailing list