clear supplementary groups in pam_console handler execution
This commit is contained in:
parent
412141d627
commit
8de0245233
@ -28,7 +28,7 @@ diff -up Linux-PAM-1.1.0/modules/pam_console/handlers.c.consolefix Linux-PAM-1.1
|
|||||||
child = fork();
|
child = fork();
|
||||||
switch (child) {
|
switch (child) {
|
||||||
case -1:
|
case -1:
|
||||||
@@ -246,30 +246,31 @@ execute_handler(pam_handle_t *pamh, stru
|
@@ -246,30 +246,32 @@ execute_handler(pam_handle_t *pamh, stru
|
||||||
if (!wait_exit) {
|
if (!wait_exit) {
|
||||||
switch(fork()) {
|
switch(fork()) {
|
||||||
case 0:
|
case 0:
|
||||||
@ -54,6 +54,7 @@ diff -up Linux-PAM-1.1.0/modules/pam_console/handlers.c.consolefix Linux-PAM-1.1
|
|||||||
- exit(255);
|
- exit(255);
|
||||||
+ _exit(255);
|
+ _exit(255);
|
||||||
if (setgid(pw->pw_gid) == -1 ||
|
if (setgid(pw->pw_gid) == -1 ||
|
||||||
|
+ setgroups(0, NULL) == -1 ||
|
||||||
setuid(pw->pw_uid) == -1)
|
setuid(pw->pw_uid) == -1)
|
||||||
- exit(255);
|
- exit(255);
|
||||||
+ _exit(255);
|
+ _exit(255);
|
||||||
|
5
pam.spec
5
pam.spec
@ -3,7 +3,7 @@
|
|||||||
Summary: An extensible library which provides authentication for applications
|
Summary: An extensible library which provides authentication for applications
|
||||||
Name: pam
|
Name: pam
|
||||||
Version: 1.1.4
|
Version: 1.1.4
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
# The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
|
# The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
|
||||||
# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
|
# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
|
||||||
License: BSD and GPLv2+
|
License: BSD and GPLv2+
|
||||||
@ -359,6 +359,9 @@ fi
|
|||||||
%doc doc/adg/*.txt doc/adg/html
|
%doc doc/adg/*.txt doc/adg/html
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jul 15 2011 Tomas Mraz <tmraz@redhat.com> 1.1.4-2
|
||||||
|
- clear supplementary groups in pam_console handler execution
|
||||||
|
|
||||||
* Mon Jun 27 2011 Tomas Mraz <tmraz@redhat.com> 1.1.4-1
|
* Mon Jun 27 2011 Tomas Mraz <tmraz@redhat.com> 1.1.4-1
|
||||||
- upgrade to new upstream release
|
- upgrade to new upstream release
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user