[PATCH] Fix a memory leak in pam_smbpass

Volker Lendecke Volker.Lendecke at SerNet.DE
Thu Jan 22 09:14:18 MST 2015


On Thu, Jan 22, 2015 at 03:33:55PM +0100, Andreas Schneider wrote:
> > R-b: Me, although free() deals fine with NULL, so the if-statement in
> > ret_data_cleanup isn't necessary.
> 
> I will change that and push with your RB+.
>  
> > This triggers one question: Is pam_smbpass really going to be maintained
> > in the future? Isn't pam_winbind with winbind running locally much better?
> 
> I have at least one customer using it. I guess they should migrate to 
> something else but for now we should fix bugs.

When reviewing your patch I saw the AUTH_RETURN macro, which at least
I would write differently these days. Also, pulling half of Samba into
a login-like process via pam is something that might be academically
interesting but from a modern design perspective might raise some eyebrows
these days.

Winbind can authenticate local users, what about dumping pam_smbpass,
doing pam_winbind instead?

Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de


More information about the samba-technical mailing list