These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this.
pam_adsys.c update_policy() arggv leak in fork() failure
pam_adsys.c update_machine_policy() arggv leak in fork() failure
pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to
work but I don't think that's how that API is supposed to be used
pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny
These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this.
pam_adsys.c update_policy() arggv leak in fork() failure machine_ policy( ) arggv leak in fork() failure machine_ policy( ) -- status != 0 looks like it ought to open_session( ) -- gethostname() indentation is funny
pam_adsys.c update_
pam_adsys.c update_
work but I don't think that's how that API is supposed to be used
pam_adsys.c pam_sm_
Thanks