Better group membership checking for pam_listfile item=group
Solar Designer
solar at openwall.com
Tue Dec 8 05:20:53 UTC 2009
On Mon, Dec 07, 2009 at 07:21:41PM -0800, Paul B. Henson wrote:
> One of my colleagues wrote a patch to improve pam_listfile and submitted
> it:
>
> http://www.redhat.com/archives/pam-list/2009-September/msg00003.html
>
> We never heard anything back. He has since moved on, but I'd like to follow
> up on this and try to get this included in pam so we don't need to maintain
> a locally patched version.
>
> Is there a bugzilla or something somewhere to submit this to, or what is
> the best way to get it considered for inclusion?
I cannot answer your question (I'm not the right person for that), but I
thought you could want to be aware that there exists a re-implementation
of pam_listfile, which we're maintaining and using in Openwall GNU/*/Linux:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/pam/
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/pam/pam_listfile.c
http://archives.neohapsis.com/archives/pam-list/2000-12/0084.html
I don't know the current status of pam_listfile in the official
Linux-PAM, but in 2001 a reasonable action was to replace it in its
entirety, which we did.
I don't know if the re-implementation shares the same inefficiency that
you're addressing with a patch to the original implementation now.
Alexander
More information about the Pam-list
mailing list