Re: login_access()

From: David J. MacKenzie (djm@web.us.uu.net)
Date: 01/20/01


To: djm@web.us.uu.net, kris@FreeBSD.ORG
Date: Fri, 19 Jan 2001 23:23:53 -0500 (EST)
From: djm@web.us.uu.net (David J. MacKenzie)


> This sounds like a good way to proceed (well, PAM module first, then
> removal/deprecation). Are you able to submit code to do the former?

It's been done back in 1997, actually. Linux-PAM comes with a
pam_access module that is a pamified version of that login_access()
function. FreeBSD (-stable) comes with Linux-PAM 0.66, apparently
from 1998. Recent versions (0.72) come with several modules
not included in FreeBSD (-stable), including pam_access.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages

  • Re: pam_setcred confusion
    ... source to the standard Linux-PAM modules for that. ... I checked the DCE RFC for PAM (DCE-RFC 86.0 according ... This suggests that the FreeBSD setcred.3 man page ...
    (FreeBSD-Security)
  • Re: PAM rules inside pam.d
    ... FreeBSD hasn't used Linux-PAM since 2002 or so. ... will plan to upgrade the PAM library and see how it goes. ...
    (FreeBSD-Security)