[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

PAM version of "wheel group" su validation



If I may suggest a possible contribution which could be useful now --

A while ago Marek Michalkiewicz suggested adopting the login restriction   
logic which is in place for the shadow suite as a PAM module when it was   
suggested that we do a "wheel group" su implementation.

Since you are so familiar with the shadow password suite, do you think   
that you may wish to do that? All that should be required is to fetch the   
values from the current pam handle for the user name and tty name   
(defaulting to ttyname(0) if there is no tty name) and then using the   
logic from the shadow function to validate the access.

Does this sound interesting, or at least as a place to "get your feet   
wet"?

I originally asked Marek if he was planning to do this. I did not receive   
a reply so I suppose that he is not. It is a "good idea".

["Cc" fields trimmed to just the PAM list. A copy of Marek's original   
mail message is also forwarded to Cristian.]

 ----------
From:  Cristian Gafton[SMTP:gafton@sorosis.ro]
Sent:  Tuesday, June 11, 1996 1:44 AM
To:  shadow-list
Cc:  PAM List; shadow-list
Subject:  Re: ANNOUNCE: Shadow + Red Hat (and more) RPMS and source now

On Mon, 10 Jun 1996, Marek Michalkiewicz wrote:

> libpam will not replace libcrypt.  All it takes to use libcrypt is to
> link the program with it.  It will be even easier as soon as ld.so
> 1.8.x goes out of beta testing - just edit /etc/ld.so.preload and no
> programs need to be rebuilt at all.  I don't think it is messy.

Or simplier, integrate it in the pam_unix directly. A shorter path, IMHO.

> One thing I can't do with libcrypt is to port it to the Alpha and make
> sure it gives the same results (I heard that even the regular crypt()
> had this problem for a while).  Anyone?

If all goes well, I should get the memory for my AXP 266 motherboard in
about two weeks (from Digital). Add a week of getting used with Alpha
arhitecture...



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []