Bug#63460: ssh calls pam_open_session in defferent process than setuid
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I also stumbled over this bug. There are more problems calling pam_*
methods in different processes or threads. PAM has a pam_set_data()
function that enables modules to share code between different stages.
For example in the libpam-mount package, pam_authenticate stores a
password and pam_open_session tries to retreives it, but gets nothing
since it is called in a new thread.
I think there is no easy fix for this. PAM is not designed for
multi-threaded applications like ssh.
Greetings, Bastian
- --
,''`. Bastian Kleineidam . calvin (at) debian.org
: :' :
`. `' GnuPG Schlüssel http://kampfwurst.net/gpgkey.txt
`-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFA499LeBwlBDLsbz4RAiu0AJ98kMFR33Uumwm4KVjBbdizMk67gQCfdalV
rpMEX+fXoQC1nNoP3lRFqSo=
=HstM
-----END PGP SIGNATURE-----
Reply to: