Date: Fri, 23 May 2003 21:54:45 +0200 From: Dag-Erling Smorgrav <des@ofug.org> To: Ruslan Ermilov <ru@FreeBSD.org> Cc: current@FreeBSD.org Subject: Re: 5.1 beta2 still in trouble with pam_ldap Message-ID: <xzpu1blv3p6.fsf@flood.ping.uio.no> In-Reply-To: <20030523194909.GB11988@sunbay.com> (Ruslan Ermilov's message of "Fri, 23 May 2003 22:49:09 %2B0300") References: <20030522184631.A23366@bart.esiee.fr> <xzp65o2zkhf.fsf@flood.ping.uio.no> <20030522224850.GK87863@roark.gnf.org> <xzpof1uy28n.fsf@flood.ping.uio.no> <20030523060846.GC17107@sunbay.com> <xzp4r3mxjrx.fsf@flood.ping.uio.no> <20030523062848.GG17107@sunbay.com> <xzpr86pwx5m.fsf@flood.ping.uio.no> <20030523193724.GA9240@sunbay.com> <xzp1xypwiwa.fsf@flood.ping.uio.no> <20030523194909.GB11988@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ruslan Ermilov <ru@FreeBSD.org> writes: > Works for the generic case, but not for this particular example. > Just run "shutdown -k now" locally, and watch how funny the login > session looks. I don't think we're leaking something here. ;) > Hm, or maybe this is just the problem with pam_nologin(8) not > respecting the "no_warn" option? hmm I think you're right - in the nologin case, information leak isn't an issue. We should change it to requisite. I need to go through the policies and change "sufficient" to "binding" anyway, so I'll take care of it once the freeze lifts. DES -- Dag-Erling Smorgrav - des@ofug.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpu1blv3p6.fsf>