From owner-freebsd-bugs Sun Dec 22 02:00:05 1996 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id CAA25807 for bugs-outgoing; Sun, 22 Dec 1996 02:00:05 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id CAA25772; Sun, 22 Dec 1996 02:00:02 -0800 (PST) Date: Sun, 22 Dec 1996 02:00:02 -0800 (PST) Message-Id: <199612221000.CAA25772@freefall.freebsd.org> To: freebsd-bugs Cc: From: J Wunsch Subject: Re: bin/2265: su(1) does not call skeyaccess() Reply-To: J Wunsch Sender: owner-bugs@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk The following reply was made to PR bin/2265; it has been noted by GNATS. From: J Wunsch To: bradley@dunn.org Cc: FreeBSD-gnats-submit@freebsd.org, guido@gvr.win.tue.nl (Guido van Rooij) Subject: Re: bin/2265: su(1) does not call skeyaccess() Date: Sun, 22 Dec 1996 10:33:24 +0100 (MET) As bradley@dunn.org wrote: > >Description: > > su(1) does not call skeyaccess() (from libskey), thus rendering the > controls in /etc/skey.access useless. Well, it rather seems like it was deliberately omitted, as opposed to forgotten. A user running su(1) has already been authenticated to the system, and _that's_ where skey.access should hit. Guido, any comments on this (and perhaps even a manpage for skeyaccess(3) :)? -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)