From owner-freebsd-security  Fri Jan 19 20:24:11 2001
Delivered-To: freebsd-security@freebsd.org
Received: from jenkins.web.us.uu.net (jenkins.web.us.uu.net [208.240.88.32])
	by hub.freebsd.org (Postfix) with ESMTP
	id A92CB37B402; Fri, 19 Jan 2001 20:23:54 -0800 (PST)
Received: by jenkins.web.us.uu.net (Postfix, from userid 515)
	id C4E1912686; Fri, 19 Jan 2001 23:23:53 -0500 (EST)
To: djm@web.us.uu.net, kris@FreeBSD.ORG
Subject: Re: login_access()
Cc: freebsd-security@FreeBSD.ORG
Message-Id: <20010120042353.C4E1912686@jenkins.web.us.uu.net>
Date: Fri, 19 Jan 2001 23:23:53 -0500 (EST)
From: djm@web.us.uu.net (David J. MacKenzie)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> This sounds like a good way to proceed (well, PAM module first, then
> removal/deprecation). Are you able to submit code to do the former?

It's been done back in 1997, actually.  Linux-PAM comes with a
pam_access module that is a pamified version of that login_access()
function.  FreeBSD (-stable) comes with Linux-PAM 0.66, apparently
from 1998.  Recent versions (0.72) come with several modules
not included in FreeBSD (-stable), including pam_access.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message