Date: 19 Jan 2002 18:16:20 +0100
From: Dag-Erling Smorgrav <des@ofug.org>
To: "Andrey A. Chernov" <ache@nagual.pp.ru>
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/libexec/ftpd ftpd.c
Message-ID: <xzpofjq8dnf.fsf@flood.ping.uio.no>
In-Reply-To: <20020119163648.GD10976@nagual.pp.ru>
References: <200201190901.g0J91H641020@freefall.freebsd.org> <xzp1ygm9vc8.fsf@flood.ping.uio.no> <20020119163648.GD10976@nagual.pp.ru>

"Andrey A. Chernov" <ache@nagual.pp.ru> writes:
> 1) I agree that PAM_CRED_ERR may be not the perfect choice and hear for
> better alternatives.

Possibly PAM_CRED_UNAVAIL. It depends on what exactly you mean by it.

> 2) Excepting that thing, you already see my patches in the tree. I may
> produce diff, if it is needed.

That's no good. You've spammed two PAM modules, two PAM applications
and three PAM configuration files with unreviewed, unapproved and
(mostly) incorrect changes, and you expect Mark and me to just accept
that and clean up after you? That's not the way things work. Please
back out all your commits, then submit a patch for review.

As a side note, the sheer number of commits you made to the same files
in a very short time span is (to me) a clear indication that your
changes were poorly thought out and poorly tested, and that your
understanding of how PAM works is insufficient. If you knew what you
were doing, had thought things out, and had tested your patches
thoroughly, a single commit to each affected file would have sufficed.

> 3) I already post most detailed explanation considering all possible
> variants. I can resend it to you, if you miss it in the thread.

I haven't seen a "most detailed explanation"; I've only seen a series
of confused, disjointed excuses. I want to see a single message that
clearly explains, in order:

 1) what the current behavior is
 2) why it is incorrect
 3) how you propose to fix it

and I want it to be accompanied by a complete unified diff of the
proposed changes.

For what it's worth, I've read the log messages and skimmed through
the diffs, and from my point of view your changes fall into two broad
categories:

 1) Changes that attempt to work around a small amount of breakage in
    libopie by introducing moderate to large amounts of breakage in
    pam_opie(8), ftpd(8) and login(1). These have some merit in that
    they try to correct an error, but I believe the approach is wrong.

 2) Changes to perfectly good code that simply enforce your opinion of
    how PAM should behave, with no regard for the opinion of the PAM
    maintainers or of the security officer. These have no merit
    whatsoever unless you manage to convince Kris that information
    leakage is not a security problem.

As Kris already stated, PAM is a critical piece of security
infrastructure, and you may not commit changes to it without
discussing them first - at the very least with Mark and myself, and
preferably also on -arch, -audit and / or -security.

DES
--
Dag-Erling Smorgrav - des@ofug.org