pam_kwallet/0002-Avoid-dropping-privileges-by-initializing-gcrypt-sec.patch

From a8153375a5006f5ca766b58a1a8f488699314a74 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Thu, 3 Aug 2017 09:27:10 +0200
Subject: [PATCH 2/3] Avoid dropping privileges by initializing gcrypt secmem

It's a documented side effect that initialization of secure memory in gcrypt
drops privileges if getuid() != geteuid(). This results in breaking setuid
callers, like sudo or su.
---
 pam_kwallet.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/pam_kwallet.c b/pam_kwallet.c
index cba57e7..dc61115 100644
--- a/pam_kwallet.c
+++ b/pam_kwallet.c
@@ -696,12 +696,18 @@ int kwallet_hash(const char *passphrase, struct passwd *userInfo, char *key)
 
     gcry_error_t error;
 
+    /* We cannot call GCRYCTL_INIT_SECMEM as it drops privileges if getuid() != geteuid().
+     * PAM modules are in many cases executed through setuid binaries, which this call
+     * would break.
+     * It was never effective anyway as neither key nor passphrase are in secure memory,
+     * which is a prerequisite for secure operation...
     error = gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0);
     if (error != 0) {
         free(salt);
         syslog(LOG_ERR, "%s-kwalletd: Can't get secure memory: %d", logPrefix, error);
         return 1;
     }
+    */
 
     gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
 
-- 
2.13.2
- Add various patches (pending upstream review) to fix several issues: * 0001-Several-cleanups.patch * 0002-Avoid-dropping-privileges-by-initializing-gcrypt-sec.patch * 0003-Check-for-a-graphical-session.patch OBS-URL: https://build.opensuse.org/package/show/KDE:Frameworks5/pam_kwallet?expand=0&rev=38 2017-08-09 10:40:05 +02:00			`From a8153375a5006f5ca766b58a1a8f488699314a74 Mon Sep 17 00:00:00 2001`
			`From: Fabian Vogt <fabian@ritter-vogt.de>`
			`Date: Thu, 3 Aug 2017 09:27:10 +0200`
			`Subject: [PATCH 2/3] Avoid dropping privileges by initializing gcrypt secmem`

			`It's a documented side effect that initialization of secure memory in gcrypt`
			`drops privileges if getuid() != geteuid(). This results in breaking setuid`
			`callers, like sudo or su.`
			`---`
			`pam_kwallet.c \| 6 ++++++`
			`1 file changed, 6 insertions(+)`

			`diff --git a/pam_kwallet.c b/pam_kwallet.c`
			`index cba57e7..dc61115 100644`
			`--- a/pam_kwallet.c`
			`+++ b/pam_kwallet.c`
			`@@ -696,12 +696,18 @@ int kwallet_hash(const char passphrase, struct passwd userInfo, char *key)`

			`gcry_error_t error;`

			`+ /* We cannot call GCRYCTL_INIT_SECMEM as it drops privileges if getuid() != geteuid().`
			`+ * PAM modules are in many cases executed through setuid binaries, which this call`
			`+ * would break.`
			`+ * It was never effective anyway as neither key nor passphrase are in secure memory,`
			`+ * which is a prerequisite for secure operation...`
			`error = gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0);`
			`if (error != 0) {`
			`free(salt);`
			`syslog(LOG_ERR, "%s-kwalletd: Can't get secure memory: %d", logPrefix, error);`
			`return 1;`
			`}`
			`+ */`

			`gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);`

			`--`
			`2.13.2`