Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- From: Dag-Erling Smørgrav <des@xxxxxx>
- Date: Sun, 20 May 2007 19:10:33 +0200
"Zane C.B." <v.velox@xxxxxxxxxx> writes:
Dag-Erling Smørgrav <des@xxxxxx> writes:
Your patch opens a gaping security hole. Sensitive informationUnless I am missing something, this is only dangerous if one is doing
should never be placed in the environment.
something stupid with what ever is being executed by pam_exec.
Environment variables may be visible to other processes and users
through e.g. /proc.
DES
--
Dag-Erling Smørgrav - des@xxxxxx
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- From: Dan Lukes
- Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- From: Zane C.B.
- Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- References:
- PAM exec patch to allow PAM_AUTHTOK to be exported.
- From: Zane C.B.
- Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- From: Dag-Erling Smørgrav
- Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- From: Zane C.B.
- PAM exec patch to allow PAM_AUTHTOK to be exported.
- Prev by Date: Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- Next by Date: Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- Previous by thread: Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- Next by thread: Re: PAM exec patch to allow PAM_AUTHTOK to be exported.
- Index(es):
Relevant Pages
|
