Date: Wed, 17 Sep 2008 05:46:34 -0700 (PDT) From: freebsd-security@dfmm.org To: Ivan Grover <ivangrvr299@gmail.com> Cc: freebsd-security@freebsd.org Subject: Re: Controlling PAM modules Message-ID: <alpine.BSF.1.00.0809170537440.20266@treehorn.dfmm.org> In-Reply-To: <670f29e20809170453o43a2ae37sfd548de1ea7e70be@mail.gmail.com> References: <670f29e20809170453o43a2ae37sfd548de1ea7e70be@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Do i have any standard way to skip one of the PAM module > with out changing the service conf file. Why do you not want to change the per-service conf files? Those files _are_ the database. There are a bunch of strategies that you could use to, e.g., maintain your alterations as a diff to the base-system config so to make upgrades easier, but a) to answer your question, no, there's nothing standard for that, and b) that is an especially risky approach - you could completely break your security, letting anyone in, or locking legitimate users out, etc. -Jason -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) Comment: See https://private.idealab.com/public/jason/jason.gpg iD8DBQFI0PwqswXMWWtptckRAqLsAJ9taCFEPfVGwY6Rrt3qtLuHVvmNDwCfatyl S++ho4Gf4Zl/3E6Vjkks26o= =gGZG -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.1.00.0809170537440.20266>