[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: severe deficiencies in our PAM setup

In debian-devel, you wrote:

>  True, but there is also no concept of a "standard" service.  Things
>required for some things(pam_securetty) make absolutly no sense for say,
>imap or samba.  And I'm a little leary about something posing as a, say,
>kbdrate service being able to change passwords.  

pam_unix.so does this for you IF you can use things supported by libc's
NSS as your backends. What's wanted is a pam_standard.so which knows
what the standard policy for the system is, which can be augmented by
the bits you need for securettys etc.


Reply to: