[Bug 2425] sshd doesn't need to call setproject() when configured to use PAM on Solaris

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jul 7 16:26:20 AEST 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2425

--- Comment #1 from Darren Tucker <dtucker at zip.com.au> ---
Comment on attachment 2661
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2661
patch to limit setproject(3PROJECT) calls to non-PAM configurations

>-#ifdef USE_SOLARIS_PROJECTS
>+#ifdef USE_SOLARIS_PROJECTS && !defined(USE_PAM)

This part isn't correct: USE_PAM is a compile time flag but PAM can be
enabled and disabled at runtime.

>        /* if solaris projects were detected, set the default now */
>        if (getuid() == 0 || geteuid() == 0)
>                solaris_set_default_project(pw);

I think that should be something like

if ((getuid() == 0 || geteuid() == 0) && !options.use_pam)
        solaris_set_default_project(pw);

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list