Bug#278394: PAM not run in single address space

To: Colin Watson <cjwatson@debian.org>
Cc: 278394@bugs.debian.org
Subject: Bug#278394: PAM not run in single address space
From: Sam Hartman <hartmans@debian.org>
Date: Wed, 27 Oct 2004 13:47:12 -0400
Message-id: <[🔎] tsly8hsvysf.fsf@cz.mit.edu>
Reply-to: Sam Hartman <hartmans@debian.org>, 278394@bugs.debian.org
In-reply-to: <[🔎] 20041027004046.GB1205@riva.ucam.org> (Colin Watson's message of "Wed, 27 Oct 2004 01:40:46 +0100")
References: <[🔎] tslekjlml2g.fsf@cz.mit.edu> <[🔎] 20041027004046.GB1205@riva.ucam.org>

I think this use of threads is relatively safe.

Basically as I understand it, threads are used to allow the event loop
to run while holding for pam conversation functions.


Likely ways such a design could break:

* Allowing the pam authentication thread to escape and somehow  getting into the rest of the code
* Allowing two pam threads to exist
* failing to cleanup the pam thread
* Having some interaction where a PAM module or one of its
  dependencies detects that it is running in a threaded application
  and changes its behavior.

I think all of these are unlikely.  I'd be happy to audit the code to
give a better risk description.  I'll assume such an audit would be
welcome and start working on it.


In many ways I think using threads simplifies the code.  Note for
example that #252676 could not have happened with threads enabled.


--Sam

Reply to:

References:
- Bug#278394: PAM not run in single address space
  - From: Sam Hartman <hartmans@debian.org>
- Bug#278394: PAM not run in single address space
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Bug#278394: PAM not run in single address space
Next by Date: Bug#278715: [INTL:nl] updated Dutch po-debconf translation
Previous by thread: Bug#278394: PAM not run in single address space
Next by thread: Bug#278394: PAM not run in single address space
Index(es):
- Date
- Thread