Re: coupe things RedHat does well and Debian should too

[ressu@uusikaupunki.fi (Sami Haahtinen)]

On Fri, May 05, 2000 at 01:12:06PM -0400, Michael Stone wrote:
> These are both security nightmares, and I would object to them going in
> as anything other than optional modules with warning messages.

(AFAIR) there just was some discussion about these somewhere, i think
it was BugTraq... about security problems with pam_console..

also, i think this might be a good idea for a workstation, which is used
for gaming. (so we should consider these too) but i still think that it
might be nice to write something like pam_addgroup.. which would add
the user that logs in to certain groups, ofcourse this does not cover
SVGALib programs, but for that we could use somekind of program to check
which group a user belongs to and if user belongs to a correct group it
would permit suid root...

yes, i know that this is not the best solution, but still we need
a solution!

at some point someone wants to play with Linux.. and when they can't
(easily) they will drop Linux...
-- 
My Two cents!