diff options
| -rw-r--r-- | modules/pam_filter/pam_filter.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c index 3b0913dd..84d59303 100644 --- a/modules/pam_filter/pam_filter.c +++ b/modules/pam_filter/pam_filter.c @@ -370,7 +370,8 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, } } else { - /* nothing to do for a simple stream socket */ + /* nothing else to do for a simple stream socket */ + close(fd[0]); } @@ -405,6 +406,9 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, return PAM_SUCCESS; } + if (!aterminal) + close(fd[1]); + /* Clear out passwords... there is a security problem here in * that this process never executes pam_end. Consequently, any * other sensitive data in this process is *not* explicitly |