[Bug 926] pam_session_close called as user or not at all
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon May 22 21:39:33 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=926
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
------- Comment #14 from dtucker at zip.com.au 2006-05-22 21:39 -------
(In reply to comment #13)
> That wouldn't be a good idea, because even the session modules should
> be able to communicate with the user.
They can communicate but it's one-way only (through Buffer loginmsg).
This is how it works with privsep=yes (but folks have the option of
setting privsep=no if they need this functionality, which is one reason
I didn't change it in the patch).
> I think the most correct but a little bit bloated approach would be to
> do another fork (in privsep mode it would be in slave before dropping
> privileges) which would be there regardless of privsep setting. That's
> how login, gdm and other such programs work.
I was wondering what login did. That means that the pam_session_close
gets called by a different pid to the pam_session_open right?
(although a direct descendant of it).
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list