From owner-freebsd-security@FreeBSD.ORG Wed Sep 4 07:53:14 2013 Return-Path: Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 24880E32; Wed, 4 Sep 2013 07:53:14 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id D2BF22B6B; Wed, 4 Sep 2013 07:53:13 +0000 (UTC) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp-int.des.no (Postfix) with ESMTP id C19324D69; Wed, 4 Sep 2013 07:53:12 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 3A26F33B57; Wed, 4 Sep 2013 09:53:14 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: lev@FreeBSD.org Subject: Re: OpenSSH, PAM and kerberos References: <86sixrwdcv.fsf@nine.des.no> <20130830131455.GW3796@zxy.spb.ru> <8661uj9lc6.fsf@nine.des.no> <20130902181754.GD3796@zxy.spb.ru> <867geywdfc.fsf@nine.des.no> <20130903083301.GF3796@zxy.spb.ru> <86y57euu8y.fsf@nine.des.no> <20130903093756.GG3796@zxy.spb.ru> <86ppsqutw7.fsf@nine.des.no> <998724759.20130903142637@serebryakov.spb.ru> <20130903103922.GI3796@zxy.spb.ru> <6110257289.20130903145034@serebryakov.spb.ru> <86d2oquopo.fsf@nine.des.no> <226539732.20130903154908@serebryakov.spb.ru> <8661uiujin.fsf@nine.des.no> <1734535072.20130903174359@serebryakov.spb.ru> <86vc2it2ip.fsf@nine.des.no> <1601348478.20130903182152@serebryakov.spb.ru> <86fvtludku.fsf@nine.des.no> <1289783626.20130904002038@serebryakov.spb.ru> Date: Wed, 04 Sep 2013 09:53:14 +0200 In-Reply-To: <1289783626.20130904002038@serebryakov.spb.ru> (Lev Serebryakov's message of "Wed, 4 Sep 2013 00:20:38 +0400") Message-ID: <867gext445.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@FreeBSD.org, Slawa Olhovchenkov X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Sep 2013 07:53:14 -0000 Lev Serebryakov writes: > Accept input from hostile user is huge security issue per se? Ouch. In > modern world there are only hostile users. Yes, all our software has > huge security issue, I know that :) Please look up "privilege separation" on Wikipedia so you have at least *some* idea of what we're talking about. > As far as I understand, PAM is not 40-years-old getpwnam() API. It is > (relative) modern API to replace getpwnam(), with support of modern > identity databases in mind. No, PAM does not replace getpwnam(). PAM does not handle identity at all. NSS handles identity with the old getpwnam() API. I'm not going to answer the rest - it is so full of misconceptions, fallacies and incorrect assumptions that I simply don't have the energy. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no