https://bugzilla.mindrot.org/show_bug.cgi?id=3934
Darren Moffat <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Darren Moffat <[email protected]> --- Each separate SSH userauth method (including 'none') will result in a call to sshpam_init(). After the initial 'none' userauth method there will always be an existing handle. With the current code in the case where the user has not changed sshpam_init() will call pam_start() again using the same sshpam_handle global variable. Doing so leaks any memory stored in PAM_DATA_ITEMs which could be sensitive info. It is important to call pam_end() before calling pam_start() again. If the user hasn't changed here is actually no need to call pam_start() again, it would be ok to just return. For some comparison in the patch attached to bug 2246 if there is an existing handle and the user changes (or in the case of bug 2246 proposed changes the service name changes) pam_end() is called. -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
