Date: 19 Jan 2002 18:16:20 +0100 From: Dag-Erling Smorgrav <des@ofug.org> To: "Andrey A. Chernov" <ache@nagual.pp.ru> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/libexec/ftpd ftpd.c Message-ID: <xzpofjq8dnf.fsf@flood.ping.uio.no> In-Reply-To: <20020119163648.GD10976@nagual.pp.ru> References: <200201190901.g0J91H641020@freefall.freebsd.org> <xzp1ygm9vc8.fsf@flood.ping.uio.no> <20020119163648.GD10976@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
"Andrey A. Chernov" <ache@nagual.pp.ru> writes:
> 1) I agree that PAM_CRED_ERR may be not the perfect choice and hear for
> better altenatives.
Possibly PAM_CRED_UNAVAIL. It depends on what exactly you mean by it.
> 2) Excepting that thing, you already see my patches in the tree. I may
> produce diff, if it is needed.
That's no good. You've spammed two PAM modules, two PAM applications
and three PAM configuration file with unreviewed, unapproved and
(mostly) incorrect changes, and you expect Mark and me to just accept
that and clean up after you? That's not the way things work. Please
back out all your commits, then submit a patch for review.
As a side note, the sheer number of commits you made to the same files
in a very short time span are (to me) a clear indication that your
changes were poorly thought out and poorly tested, and that your
understanding of how PAM works is insufficient. If you knew what you
were doing, had thought things out, and had tested your patches
thoroughly, a single commit to each affected file would have sufficed.
> 3) I already post most detailed explanation considering all possible
> variants. I can resend it to you, if you miss it in the thread.
I haven't seen a "most detailed explanation"; I've only seen a series
of confused, disjointed excuses. I want to see a single message that
clearly explains, in order:
1) what the current behavior is
2) why it is incorrect
3) how you propose to fix it
and I want it to be accompanied by a complete unified diff of the
proposed changes.
For what it's worth, I've read the log messages skimmed through the
diffs, and from my point of view your changes fall into two broad
categories:
1) Changes that attempt to work around a small amount of breakage in
libopie by introducing moderate to large amounts of breakage in
pam_opie(8), ftpd(8) and login(1). These have some merit in that
they try to correct an error, but I believe the approach is
wrong.
2) Changes to perfectly good code that simply enforce your opinion
of how PAM should behave, with no regard for the opinion of the
PAM maintainers or of the security officer. These have no merit
whatsoever unless you manage to convince Kris that information
leakage is not a security problem.
As Kris already stated, PAM is a critical piece of security infra-
structure, and you may not commit changes to it without discussing
them first - at the very least with Mark and myself, and preferably
also on -arch, -audit and / or -security.
DES
--
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpofjq8dnf.fsf>