granicus.if.org Git - sudo/commit

]> granicus.if.org Git - sudo/commit

author	Todd C. Miller <Todd.Miller@courtesan.com>
	Tue, 27 Sep 2011 17:58:17 +0000 (13:58 -0400)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Tue, 27 Sep 2011 17:58:17 +0000 (13:58 -0400)
commit	c7e0c5d2070e4a1048f1ac9ae55b628e8a568eca
tree	6517393b82e6f6d85192aa8b1b35cf5e064a606d	tree \| snapshot
parent	32cbf8cf82929dec8838645643b689413dabb8d6	commit \| diff
parent	c5f8dc95c6f73274dcd213176d7429bbbd98bd7d	commit \| diff

Fix a PAM_USER mismatch in session open/close. We update PAM_USER
to the target user immediately before setting resource limits, which
is after the monitor process has forked (so it has the old value).
Also, if the user did not authenticate, there is no pamh in the
monitor so we need to init pam here too. This means we end up
calling pam_start() twice, which should be fixed, but at least the
session is always properly closed now.

--HG--
branch : 1.8

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom