pam_modutil_sanitize_helper_fds: fix SIGPIPE effect of PAM_MODUTIL_PIPE_FD - pam.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Dmitry V. Levin <ldv@altlinux.org>	2020-02-26 19:20:58 +0000
committer	Dmitry V. Levin <ldv@altlinux.org>	2020-02-26 19:20:58 +0000
commit	b6f73810a2e7afd02a231e2dfa14b05752c83db7 (patch)
tree	ae41b3729ad31ca73f3885ca060f6c653c2f3738 /modules/pam_tty_audit
parent	5956cf525bfb53ed0c5cade3b58f18fde4f85c42 (diff)
download	pam-b6f73810a2e7afd02a231e2dfa14b05752c83db7.tar.gz pam-b6f73810a2e7afd02a231e2dfa14b05752c83db7.tar.bz2 pam-b6f73810a2e7afd02a231e2dfa14b05752c83db7.zip

pam_modutil_sanitize_helper_fds: fix SIGPIPE effect of PAM_MODUTIL_PIPE_FD

When pam_modutil_sanitize_helper_fds() is invoked with PAM_MODUTIL_PIPE_FD to provide a dummy pipe descriptor for stdout or stderr, it closes the read end of the newly created dummy pipe. The negative side effect of this approach is that any write to such descriptor triggers a SIGPIPE. Avoid this by closing the write end of the dummy pipe and using its read end as a dummy pipe descriptor for output. Any read from such descriptor returns 0, and any write just fails with EBADF, which should work better with unprepared writers. * libpam/pam_modutil_sanitize.c (redirect_out_pipe): Remove. (redirect_out): Call redirect_in_pipe instead of redirect_out_pipe. Fixes: b0ec5d1e ("Introduce pam_modutil_sanitize_helper_fds")

Diffstat (limited to 'modules/pam_tty_audit')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: