Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/su Don't wait for any process, just our child. pam s...
details: https://anonhg.NetBSD.org/src/rev/a574be807f55
branches: trunk
changeset: 574256:a574be807f55
user: christos <christos%NetBSD.org@localhost>
date: Fri Feb 25 21:49:43 2005 +0000
description:
Don't wait for any process, just our child. pam sessions can fork other
processes (such as the ssh pam agent handler) and the wrong process ends
up reaped, wreaking havoc.
diffstat:
usr.bin/su/su_pam.c | 16 +++++++++++-----
1 files changed, 11 insertions(+), 5 deletions(-)
diffs (44 lines):
diff -r 14509eee2cec -r a574be807f55 usr.bin/su/su_pam.c
--- a/usr.bin/su/su_pam.c Fri Feb 25 19:56:07 2005 +0000
+++ b/usr.bin/su/su_pam.c Fri Feb 25 21:49:43 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: su_pam.c,v 1.4 2005/01/18 21:39:11 manu Exp $ */
+/* $NetBSD: su_pam.c,v 1.5 2005/02/25 21:49:43 christos Exp $ */
/*
* Copyright (c) 1988 The Regents of the University of California.
@@ -40,7 +40,7 @@
#if 0
static char sccsid[] = "@(#)su.c 8.3 (Berkeley) 4/2/94";*/
#else
-__RCSID("$NetBSD: su_pam.c,v 1.4 2005/01/18 21:39:11 manu Exp $");
+__RCSID("$NetBSD: su_pam.c,v 1.5 2005/02/25 21:49:43 christos Exp $");
#endif
#endif /* not lint */
@@ -345,7 +345,7 @@
* Parent: wait for the child to terminate
* and call pam_close_session.
*/
- if ((xpid = wait(&status)) != pid) {
+ if ((xpid = waitpid(pid, &status, 0)) != pid) {
pam_err = pam_close_session(pamh, 0);
if (pam_err != PAM_SUCCESS) {
syslog(LOG_ERR,
@@ -354,8 +354,14 @@
warnx("pam_close_session: %s",
pam_strerror(pamh, pam_err));
}
- ERRX_PAM_END((1,
- "wrong PID: %d != %d", pid, xpid));
+ if (xpid == -1) {
+ ERR_PAM_END((1,
+ "error waiting for pid %d", pid));
+ } else {
+ // Can't happen.
+ ERRX_PAM_END((1,
+ "wrong PID: %d != %d", pid, xpid));
+ }
}
(void)signal(SIGINT, oint);
Home |
Main Index |
Thread Index |
Old Index