Date: Thu, 9 Oct 2003 09:58:25 -0400 (EDT) From: Eric van Gyzen <vangyzen@stat.duke.edu> To: FreeBSD-gnats-submit@FreeBSD.org Subject: docs/57799: pam_self(8) man page is wrong Message-ID: <200310091358.h99DwP3H029668@stat.duke.edu> Resent-Message-ID: <200310091400.h99E0bwd064289@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 57799
>Category: docs
>Synopsis: pam_self(8) man page is wrong
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Oct 09 07:00:36 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Eric van Gyzen
>Release: FreeBSD 5.1-RELEASE i386
>Organization:
>Environment:
FreeBSD 5.1-RELEASE
>Description:
The pam_self(8) man page says
If the current real user ID is non-zero, authentication will fail,
unless the allow_root option was specified.
but the code -- and my intuition -- says
if (uid == 0 && !openpam_get_option(pamh, OPT_ALLOW_ROOT))
return (PAM_AUTH_ERR);
>How-To-Repeat:
N/A
>Fix:
If I correctly understand the intended usage of the pam_self(8) module,
the man page should be corrected to say
If the current real user ID is zero, authentication will fail,
^^^^
unless the allow_root option was specified.
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200310091358.h99DwP3H029668>