D7124: Avoid dropping privileges by initializing gcrypt secmem

Fri, 04 Aug 2017 02:46:28 -0700 

fvogt created this revision.
Restricted Application added a project: Plasma.

REVISION SUMMARY
  It's a documented side effect that initialization of secure memory in gcrypt
  drops privileges if getuid() != geteuid(). This results in breaking setuid
  callers, like sudo or su.

TEST PLAN
  Can use sudo again when pam_kwallet is involved.

REPOSITORY
  R107 KWallet PAM Integration

BRANCH
  patch3

REVISION DETAIL
  https://phabricator.kde.org/D7124

AFFECTED FILES
  pam_kwallet.c

To: fvogt, #plasma
Cc: plasma-devel, ZrenBot, progwolff, lesliezhai, ali-mohamed, jensreuterberg, 
abetts, sebas, apol, mart, lukas

Reply via email to