Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 14 Jul 2007 13:53:26 -0400
From:      Garrett Wollman <wollman@bimajority.org>
To:        Robert Watson <rwatson@freebsd.org>
Cc:        freebsd-security@freebsd.org
Subject:   Re: OpenBSM questions
Message-ID:  <18073.3478.284631.986914@hergotha.csail.mit.edu>
In-Reply-To: <20070714164146.Q80803@fledge.watson.org>
References:  <46985815.3060308@os2.kiev.ua> <20070714164146.Q80803@fledge.watson.org>

next in thread | previous in thread | raw e-mail | index | archive | help
<<On Sat, 14 Jul 2007 16:45:14 +0100 (BST), Robert Watson <rwatson@freebsd.org> said:

> This is correct -- login services must be modified to properly set up user 
> audit state at login.  I am not familiar with work relating to this with xdm, 
> kdm, gdm, etc, but it would be very good to see this happen.

Surely this is something that belongs in a PAM module...?  The whole
point of the PAM framework is that you should *not* have to modify
every program that does a login when new mechanisms are introduced or
policy changes.

-GAWollman




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?18073.3478.284631.986914>