forked from pool/pam_kwallet
Fabian Vogt
51db465ce5
issues: * 0001-Several-cleanups.patch * 0002-Avoid-dropping-privileges-by-initializing-gcrypt-sec.patch * 0003-Check-for-a-graphical-session.patch OBS-URL: https://build.opensuse.org/package/show/KDE:Frameworks5/pam_kwallet?expand=0&rev=38
39 lines
1.3 KiB
Diff
39 lines
1.3 KiB
Diff
From a8153375a5006f5ca766b58a1a8f488699314a74 Mon Sep 17 00:00:00 2001
|
|
From: Fabian Vogt <fabian@ritter-vogt.de>
|
|
Date: Thu, 3 Aug 2017 09:27:10 +0200
|
|
Subject: [PATCH 2/3] Avoid dropping privileges by initializing gcrypt secmem
|
|
|
|
It's a documented side effect that initialization of secure memory in gcrypt
|
|
drops privileges if getuid() != geteuid(). This results in breaking setuid
|
|
callers, like sudo or su.
|
|
---
|
|
pam_kwallet.c | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/pam_kwallet.c b/pam_kwallet.c
|
|
index cba57e7..dc61115 100644
|
|
--- a/pam_kwallet.c
|
|
+++ b/pam_kwallet.c
|
|
@@ -696,12 +696,18 @@ int kwallet_hash(const char *passphrase, struct passwd *userInfo, char *key)
|
|
|
|
gcry_error_t error;
|
|
|
|
+ /* We cannot call GCRYCTL_INIT_SECMEM as it drops privileges if getuid() != geteuid().
|
|
+ * PAM modules are in many cases executed through setuid binaries, which this call
|
|
+ * would break.
|
|
+ * It was never effective anyway as neither key nor passphrase are in secure memory,
|
|
+ * which is a prerequisite for secure operation...
|
|
error = gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0);
|
|
if (error != 0) {
|
|
free(salt);
|
|
syslog(LOG_ERR, "%s-kwalletd: Can't get secure memory: %d", logPrefix, error);
|
|
return 1;
|
|
}
|
|
+ */
|
|
|
|
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
|
|
|
|
--
|
|
2.13.2
|
|
|