Package: login Version: 1:4.0.18.1-5 Severity: minor >From src/su.c:
child = fork (); if (child == 0) { /* child shell */ pam_end (pamh, PAM_SUCCESS); if (doshell) (void) shell (shellstr, (char *) args[0], envp); else (void) execve (shellstr, (char **) args, envp); exit (errno == ENOENT ? E_CMD_NOTFOUND : E_CMD_NOEXEC); } else if (child == -1) { Is there a good reason (security related or other) why pam_end() is called here? With libpam-krb5, it has the effect that the ticket cache is removed, before the user has a chance to use it. Thanks Arne -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages login depends on: ii libc6 2.3.6.ds1-7 GNU C Library: Shared libraries ii libpam-modules 0.79-4 Pluggable Authentication Modules f ii libpam-runtime 0.79-4 Runtime support for the PAM librar ii libpam0g 0.79-4 Pluggable Authentication Modules l login recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]