From owner-freebsd-security Wed Jan 17 17: 6:10 2001 Delivered-To: freebsd-security@freebsd.org Received: from ukexchange.avantgo.com (unknown [62.41.97.90]) by hub.freebsd.org (Postfix) with ESMTP id 2590837B6A5 for ; Wed, 17 Jan 2001 17:05:53 -0800 (PST) Received: by ukexchange.ldn.avantgo.com with Internet Mail Service (5.5.2650.21) id ; Thu, 18 Jan 2001 01:05:40 -0000 Received: from nayarit.avantgo.com ([10.1.30.1]) by sampnt500.avantgo.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id CN0QW9GF; Wed, 17 Jan 2001 17:05:33 -0800 Received: from nayarit.avantgo.com (localhost.avantgo.com [127.0.0.1]) by nayarit.avantgo.com (Postfix) with ESMTP id 9424DF80D; Wed, 17 Jan 2001 17:05:43 -0800 (PST) From: Michael Kiernan To: Bill Fumerola Cc: freebsd-security@FreeBSD.ORG X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 Subject: Re: full PAM support for login, rshd, and su In-Reply-To: Your message of "Wed, 17 Jan 2001 16:07:39 CST." <20010117160739.Q76347@elvis.mu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 17 Jan 2001 17:05:43 -0800 Message-Id: <20010118010543.9424DF80D@nayarit.avantgo.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 17 Jan 2001 16:07:39 CST, Bill Fumerola wrote: > On Wed, Jan 17, 2001 at 04:47:35PM -0500, David J. MacKenzie wrote: > > > I think if you're going to ship PAM, you should actually use it. > > The OpenSSH shipped with FreeBSD (as of 4.2-STABLE) is also missing > > the USE_PAM support that's in the portable OpenSSH release. I highly > > recommend importing that code into your source tree. I'm going to > > have to do so in my tree. > > The openssh people have made life difficult for those trying to do work > in this area by instantly forking all their code. Is there a reason we import from OpenBSD's OpenSSH source tree as opposed to importing the "portable" release? OpenBSD will probably never use PAM. Since we use their code we put ourselves in the position of duplicating the work that goes into the portable release, such as the PAM support. Can somebody shed some light on the background of this decision? Just curious. Thanks, Mike -- Michael Kiernan mkiernan@avantgo.com +1-650-638-7581 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message