auth_pam: pass password via PAM conversation data, remove global state#22
Conversation
Stop storing the authentication password in a global variable. Instead, pass the caller-owned password buffer to the PAM conversation function via pam_conv.appdata_ptr, as intended by the PAM API. This reduces password lifetime and scope, avoids stale or dangling global pointers, and improves correctness and security without changing authentication behavior. Signed-off-by: Nic Boet <nic@boet.cc>
There was a problem hiding this comment.
Pull request overview
This PR improves the security and correctness of the PAM authentication module by eliminating global state for password storage. Instead of using a global password variable, the password is now passed directly to the PAM conversation function through the appdata_ptr field, as intended by the PAM API design.
Key changes:
- Removed the global
static const char *passwordvariable - Modified the conversation function to retrieve the password from
appdata_ptrparameter - Added NULL checking for the password with appropriate handling
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
arkq
left a comment
arkq
left a comment
There was a problem hiding this comment.
Small explanation why your reply to Copilot comment is gone:
I wanted to add small suggestion (to use ternary) to your PR by I was not able to... I thought that the problem was Copilot comment on that line so I've removed it... but it did not help, so I've pushed a commit with a suggestion manually...
Stop storing the authentication password in a global variable. Instead, pass the caller-owned password buffer to the PAM conversation function via pam_conv.appdata_ptr, as intended by the PAM API.
This reduces password lifetime and scope, avoids stale or dangling global
pointers, and improves correctness and security without changing authentication behavior.