From owner-freebsd-security@FreeBSD.ORG  Thu May 27 11:51:38 2010
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2125C1065670
	for <freebsd-security@freebsd.org>;
	Thu, 27 May 2010 11:51:37 +0000 (UTC)
	(envelope-from sean@gothic.net.au)
Received: from visi.gothic.net.au (visi.gothic.net.au [115.64.131.102])
	by mx1.freebsd.org (Postfix) with ESMTP id 8712E8FC15
	for <freebsd-security@freebsd.org>;
	Thu, 27 May 2010 11:51:35 +0000 (UTC)
Received: from visi.gothic.net.au (localhost [127.0.0.1])
	by visi.gothic.net.au (Postfix) with ESMTP id 6A1F71B365
	for <freebsd-security@freebsd.org>;
	Thu, 27 May 2010 21:34:23 +1000 (EST)
X-Virus-Scanned: amavisd-new at gothic.net.au
Received: from localhost ([127.0.0.1])
	by visi.gothic.net.au (visi.gothic.net.au [127.0.0.1]) (amavisd-new,
	port 10026)
	with SMTP id 2uPw9CQoEhk9 for <freebsd-security@freebsd.org>;
	Thu, 27 May 2010 21:34:18 +1000 (EST)
Received: from eee904 (dhcp173.gothic.net.au [10.168.1.173])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested) (Authenticated sender: sean)
	by visi.gothic.net.au (Postfix) with ESMTPSA id 785261B353;
	Thu, 27 May 2010 21:34:18 +1000 (EST)
Date: Thu, 27 May 2010 21:34:25 +1000
From: Sean <sean@gothic.net.au>
To: Dag-Erling =?ISO-8859-1?Q?Sm=F8rgrav?= <des@des.no>
Message-Id: <20100527213425.dca8fcf3.sean@gothic.net.au>
In-Reply-To: <86d3wh3aie.fsf@ds4.des.no>
References: <201005270325.o4R3P7Bj009279@freefall.freebsd.org>
	<AANLkTikHAZTCgc4R8AsTKFlcWXLXUF_aLGoySmP3kjyt@mail.gmail.com>
	<86d3wh3aie.fsf@ds4.des.no>
X-Mailer: Sylpheed 3.0.2 (GTK+ 2.10.14; i686-pc-mingw32)
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: Dmitry Pryanishnikov <lynx.ripe@gmail.com>, freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-10:05.opie
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 27 May 2010 11:51:38 -0000

On Thu, 27 May 2010 12:27:21 +0200
Dag-Erling Sm=F8rgrav <des@des.no> wrote:

> Dmitry Pryanishnikov <lynx.ripe@gmail.com> writes:
> >   Wouldn't just commenting out all references to pam_opie* in
> > /etc/pam.d/* create a viable workaround?
>=20
> With my PAM maintainer hat on: yes.
>=20
> I'm surprised secteam didn't bother to ask me.
>=20

It would work if the application only used PAM for OPIE support. ftpd
links directly to libopie, as well as using PAM.



> DES
> --=20
> Dag-Erling Sm=F8rgrav - des@des.no
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe@freebsd.org"


--=20
Sean Winn
sean@gothic.net.au