Mailing List Archive

[Bug 1945] Only 1 of the 2 krb cache files is removed on closing the ssh connection with UsePrivilegeSeparation=yes
https://bugzilla.mindrot.org/show_bug.cgi?id=1945

Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |djm@mindrot.org

--- Comment #1 from Damien Miller <djm@mindrot.org> 2011-12-02 11:11:34 EST ---
I don't think the proposed fix is correct - it would allow
sshpam_cleanup() to run with a NULL pam handle and probably SEGV when
it makes its first PAM call.

Perhaps we should relax the !mm_is_monitor() check somehow though.
Maybe we could add a new monitor call to run the PAM cleanup as root?

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1945] Only 1 of the 2 krb cache files is removed on closing the ssh connection with UsePrivilegeSeparation=yes [ In reply to ]
https://bugzilla.mindrot.org/show_bug.cgi?id=1945

balu9463@gmail.com changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |balu9463@gmail.com

--- Comment #2 from balu9463@gmail.com 2011-12-13 17:10:37 EST ---
Right, I overlooked the Null Pam handle.

Wouldn't relaxing the mm_is_monitor and only checking for privsep work
if (sshpam_handle == NULL && use_privsep)

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs