bugzilla-daemon at mindrot.org
2003-Nov-13 11:08 UTC
[Bug 632] PAM conversation function does not return when connection is aborted
http://bugzilla.mindrot.org/show_bug.cgi?id=632
das at decisionsoft.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|major |security
Priority|P2 |P1
------- Additional Comments From das at decisionsoft.com 2003-11-13 04:08
-------
Considering this is a security bug (it does not scrub memory as it should and
for other pam modules expose other vulnerabilities) as well as a functionality
bug which seems to involve calling one function instead of another, I would
think hope and encourge that getting it fixed be a priority.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Nov-16 23:08 UTC
[Bug 632] PAM conversation function does not return when connection is aborted
http://bugzilla.mindrot.org/show_bug.cgi?id=632
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|security |major
Priority|P1 |P3
------- Additional Comments From djm at mindrot.org 2003-11-16 16:08 -------
Please don't make changes to other people's bugs, unless you are going
to help.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Nov-16 23:32 UTC
[Bug 632] PAM conversation function does not return when connection is aborted
http://bugzilla.mindrot.org/show_bug.cgi?id=632 ------- Additional Comments From djm at mindrot.org 2003-11-16 16:32 ------- Created an attachment (id=501) --> (http://bugzilla.mindrot.org/attachment.cgi?id=501&action=view) Don't fatal on msg functions The removes the remaining indirect ways that pam_end could be called from the kbd-int conversation function in -current portable. I'd suggest the msg.[ch] changes for inclusion in the OpenBSD version too. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Nov-16 23:37 UTC
[Bug 632] PAM conversation function does not return when connection is aborted
http://bugzilla.mindrot.org/show_bug.cgi?id=632
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |patch
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Nov-17 08:41 UTC
[Bug 632] PAM conversation function does not return when connection is aborted
http://bugzilla.mindrot.org/show_bug.cgi?id=632 ------- Additional Comments From markus at openbsd.org 2003-11-17 01:41 ------- the msg.c changes make sense to me... ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 632] PAM conversation function does not return when connection is aborted
- Testing of recent commits
- SSH / PAM Problem
- [Bug 2876] New: PAM_TEXT_INFO and PAM_ERROR_MSG conversation not honoured during PAM authentication
- [Bug 1322] New: pam_end() is not called if authentication fails, which breaks pam-abl