[Bug 926] pam_session_close called as user or not at all
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Aug 23 22:03:07 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=926
------- Comment #23 from t8m at centrum.cz 2006-08-23 22:03 -------
(In reply to comment #22)
> (In reply to comment #21)
> > The patch causes a regression with pam_krb5 module.
> > See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=201341
>
> Thanks for giving it a spin in Fedora. Does this particular problem
> also occur with PrivSep=no?
I don't think that this occurs with privsep disabled.
> > As I said above I think that the only correct solution which would
> > solve all cases (privsep yes/no, root/regular user) would be to add
> > another fork before the setuid calls and shell process exec.
>
> Would there be any downside to setting KRB5CCNAME in the parent too?
I don't know of any however note that with privsep disabled or when
called as root the pam_session_close still won't be called correctly.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list