auth-pam: don't leak PAM env strings after pam_putenv()
Theo de Raadt
deraadt at openbsd.org
Tue May 19 10:46:04 AEST 2026
Simon Josefsson via openssh-unix-dev <openssh-unix-dev at mindrot.org> wrote:
> > AIX PAM is also closed. IBM's pam_putenv(3) documentation
> > (ibm.com/docs/en/aix/7.3.0?topic=p-pam-putenv-subroutine)
> > describes behaviour but does not commit on ownership semantics.
Is there anyone from IBM on the list who find someone internal
who can give an answer?
Anyways, it is starting to look like the original proposed diff will be
good. Thank you for doing the research.
More information about the openssh-unix-dev
mailing list