On Tue, Jan 06, 2004 at 02:56:42PM -0700, Brent McClure wrote:
> So, if I fetch a pam_handle in my process, but say I call fork() a
> separate process to call pam_authenticate() and handle the ensuing
> conversation then will I have a similar problem? Will the pam_handle
> owned by the parent process now be "out of date"?
I can't think of any state that could reasonably be stored in a pam
handle that wouldn't survive a fork(). The only caveat is that any
state referencing external resources (e.g., network sockets) may be in
use by both child and parent, and you may have to deal with this in your
code (or not share handles between processes).
--
Steve Langasek
postmodern programmer
> On Tue, Jan 06, 2004 at 02:32:28PM -0700, Brent McClure wrote:
> > Is it necessary to preserve the same pam_handle across
> > multiple calls to the various pam_* functions, or is it
> > OK to fetch a new pam_handle by calling pam_start() whenever
> > one is needed? Is there some state that is lost by doing
> > this?
>
> > So, for example is the following code actually OK, or would
> > the same 'pamh' instance need to be preserved across all of the
> > calls to pam_authenticate, pam_acct_mgmt, etc?
>
> There is definitely state that's lost by doing what you suggest.
>
> --
> Steve Langasek
> postmodern programmer
>
> > func1()
> > {
> > pam_handle_t *pamh = 0;
> > pam_start("myapp", 0, &conv, &pamh);
> > pam_authenticate(pamh, 0);
> > pam_end(pamh);
> > }
> >
> > func2()
> > {
> > pam_handle_t *pamh = 0;
> > pam_start("myapp", 0, &conv, &pamh);
> > pam_acct_mgmt(pamh, 0);
> > pam_end(pamh);
> > }
> >
> > func3()
> > {
> > pam_handle_t *pamh = 0;
> > pam_start("myapp", 0, &conv, &pamh);
> > pam_open_session(pamh)
> > pam_end(pamh);
> > }
>
>
> _______________________________________________
>
> Pam-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/pam-list
Attachment:
signature.asc
Description: Digital signature
