aacid added inline comments. INLINE COMMENTS
> sitter wrote in pam_kwallet.c:313 > This can ENOMEM. Does that maybe need handling? Or will pam_set_data just > fail if you give it a nullptr? Passing nullptr is fine, see comment on https://github.com/linux-pam/linux-pam/blob/master/libpam/pam_data.c#L110 > sitter wrote in pam_kwallet.c:329 > I wonder about this comment. Can the call sequence here be random? Can open > be called before authenticate? That is a good question, the old code was kind of prepared for it. I am going to say "no" open can not be called before authenticate, if you read https://pubs.opengroup.org/onlinepubs/008329799/pam_open_session.htm it says "The pam_open_session() function opens a new session for a user previously authenticated with a call to pam_authenticate()." But my pam knowledge is between none and i googled a little, so I would be happy if someone can google a bit more and agree/disagree with me REPOSITORY R107 KWallet PAM Integration REVISION DETAIL https://phabricator.kde.org/D27935 To: aacid Cc: sitter, security-team, davidedmundson, plasma-devel, Orage, LeGast00n, The-Feren-OS-Dev, cblack, jraleigh, zachus, fbampaloukas, GB_2, ragreen, ZrenBot, ngraham, himcesjf, lesliezhai, ali-mohamed, jensreuterberg, abetts, sebas, apol, ahiemstra, mart
