[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pam-list
Subject:    pam_group module & open files
From:       Emmanuel Galanos eman () hotkey ! net ! au
Date:       1998-07-21 16:16:07
[Download RAW message or body]

Hi,
	The pam_group module dosn't close the group conf file after it
finishes with it. The result is that the fd gets passed on. The file is
opened read only, and dosn't contain anything really confidential, so its
not too much of a security hole.. Anyway at around line 723 (pam as
shipped with RH5.1) there just needs to be the line

		close(fd);

--
eman

[prev in list] [next in list] [prev in thread] [next in thread]