Bug#278394: PAM not run in single address space

To: Sam Hartman <hartmans@debian.org>, 278394@bugs.debian.org
Subject: Bug#278394: PAM not run in single address space
From: Colin Watson <cjwatson@debian.org>
Date: Mon, 1 Nov 2004 18:49:55 +0000
Message-id: <[🔎] 20041101184955.GC2172@riva.ucam.org>
Reply-to: Colin Watson <cjwatson@debian.org>, 278394@bugs.debian.org
In-reply-to: <tslfz3xa8tw.fsf@cz.mit.edu>
References: <tslekjlml2g.fsf@cz.mit.edu> <20041027004046.GB1205@riva.ucam.org> <tslfz3xa8tw.fsf@cz.mit.edu>

On Fri, Oct 29, 2004 at 10:38:03AM -0400, Sam Hartman wrote:
> I just wanted to let you know that I have done an audit of the thread
> code in auth-pam.c.
> 
> This is the simplest use of threads I've ever seen outside of a
> classroom exercise.
> 
> The authentication thread is self contained and I don't see how it
> could manage to escape into other parts of the program.  Similarly,
> the process managed is significantly simplified in the threads case
> compared to the non-threads case.
> 
> 
> Short of a libc bug or a misbehaving PAM module I would be surprised
> if this code introduces any problems.

OK, that's fairly conclusive; thanks. I've committed your patch, with
the additional change that I arranged for only sshd to be linked against
libpthread, since only sshd includes auth-pam.c; that seemed like a less
risky course.

I'll upload once Steve has reviewed the current version of openssh in
unstable and (I hope) moved it into testing.

Cheers,

-- 
Colin Watson                                       [cjwatson@debian.org]

Reply to:

Prev by Date: Bug#117318: My regards.
Next by Date: Bug#279446: ssh match
Previous by thread: Bug#117318: My regards.
Next by thread: Bug#279446: ssh match
Index(es):
- Date
- Thread