Date: Sat, 8 Jan 2000 23:08:35 +0000 From: David Malone <dwmalone@maths.tcd.ie> To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, freebsd-current@freebsd.org Subject: Re: PAM'ized su(1) Message-ID: <20000108230835.A88514@walton.maths.tcd.ie> In-Reply-To: <3.0.5.32.20000108141410.00933c40@localhost>; from Kurt@OpenLDAP.org on Sat, Jan 08, 2000 at 02:14:10PM -0800 References: <3.0.5.32.20000108124258.0093bb90@localhost> <3.0.5.32.20000108112936.0095f440@localhost> <200001081932.OAA52181@khavrinen.lcs.mit.edu> <3.0.5.32.20000108124258.0093bb90@localhost> <200001082143.QAA52528@khavrinen.lcs.mit.edu> <3.0.5.32.20000108141410.00933c40@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jan 08, 2000 at 02:14:10PM -0800, Kurt D. Zeilenga wrote: > At 04:43 PM 1/8/00 -0500, Garrett Wollman wrote: > >Hmmm. I don't see any such module. Or are you proposing to write > >one? > > No. I'd just pull the pam_wheel from the Attic. If it came from the linux version of pam, then pam_wheel is broken. It uses the groups of the person listed in utmp as owning the tty, instead of the groups of the person running su. This breaks stuff like su'ing to a sysadmin and then su'ing to root from a normal users terminal, and means you can't su without a utmp entry. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000108230835.A88514>