Re: PAM support in Samba
- To: Christian Schwarz <schwarz@monet.m.isar.de>
- Cc: Debian Policy <debian-policy@lists.debian.org>
- Subject: Re: PAM support in Samba
- From: Joey Hess <joey@kite.ml.org>
- Date: Mon, 27 Oct 1997 19:43:10 -0500
- Message-id: <19971027194310.43016@kite>
- In-reply-to: <Pine.LNX.3.96.971027194812.14198A-100000@monet>; from Christian Schwarz on Mon, Oct 27, 1997 at 07:50:11PM +0100
- References: <19971022132634.05504@wi.leidenuniv.nl> <Pine.LNX.3.96.971027194812.14198A-100000@monet>
Christian Schwarz wrote:
> So how do people think about PAM? Should we use it? If so, it would be
> nice if someone could provide me with a proposal for a policy change.
I think PAM is too complicated for the most security-crucial part of the
system - logins. I'm sure there are pleny of security holes in there. It's
also too easy to break. I've seem PAM break in lots of strange ways, and when
it breaks, it can be pretty catastropic.
I'm completly against PAM.
--
see shy jo
Reply to: