Date: Wed, 19 Mar 2003 00:41:48 +0100 From: des@ofug.org (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) To: Julian Elischer <julian@elischer.org> Cc: re@freebsd.org, hackers@freebsd.org Subject: Re: rumour of password aging failure in 4.7/4.8RC Message-ID: <xzpfzpk1bur.fsf@flood.ping.uio.no> In-Reply-To: <xzp3clk2ulz.fsf@flood.ping.uio.no> (des@ofug.org's message of "Tue, 18 Mar 2003 23:11:20 %2B0100") References: <Pine.BSF.4.21.0303181250540.79971-100000@InterJet.elischer.org> <xzp3clk2ulz.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
des@ofug.org (Dag-Erling Sm=F8rgrav) writes: > > How does PAM come into this? > It doesn't, really. It's a privsep problem + the fact that some of > the pertinent code has been disabled and / or left unimplemented > because it wouldn't work with privsep (so turning privsep off won't > help). I just checked the code, and it should actually work if privsep is turned off (which should be reasonably safe - there are no known vulnerabilities in the OpenSSH versions which ship with 4.7 and 4.8, and the recent OpenSSL problem doesn't affect OpenSSH). You may want to give it a try. DES --=20 Dag-Erling Sm=F8rgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpfzpk1bur.fsf>