Memory leak caused by forwarded GSSAPI credential store

Simon Wilkinson sxw at inf.ed.ac.uk
Sat May 23 21:38:58 EST 2009


On 23 May 2009, at 11:46, miguel.sanders at arcelormittal.com wrote:

> 1) Migrate the ssh_gssapi_storecreds() call to the unprivileged child

Unfortunately, you can't do this, as GSSAPI credentials need to be  
stored before the PAM stack is invoked (this also means
that the credentials need to be stored in the process which invokes  
pam_setcred, and not in the unprivileged child).
Also, credentials need to be stored whether the user is running  
privsep or not - this change moves credential storage to a privsep  
only code path.

An alternative fix, that doesn't move the location of the storecreds()  
call, is going to be required. One option would be to dispose of these  
structures in the parent as soon as the child is forked (if we're  
running privsep), so removing the leak in the parent, and tidying up  
the leak in the child in the manner you suggest.

Cheers,

Simon.



More information about the openssh-unix-dev mailing list