Date: Fri, 19 Jan 2001 13:32:50 -0500 From: "David J. MacKenzie" <djm@web.us.uu.net> To: freebsd-security@FreeBSD.ORG Cc: djm@web.us.uu.net Subject: pam_setcred confusion Message-ID: <20010119183250.9CBC612685@jenkins.web.us.uu.net>
next in thread | raw e-mail | index | archive | help
A note about my PAM patches: the FreeBSD man page for pam_setcred says:
This function is used to establish, maintain and delete
the credentials of a user. It should be called after a
user has been authenticated and before a session is opened
^^^^^^
for the user (with pam_open_session(3)).
The Solaris 8 man page for pam_setcred says:
The pam_setcred() function is used to establish, modify, or
delete user credentials. It is typically called after the
user has been authenticated and after a session has been
^^^^^
opened. See pam_authenticate(3PAM), pam_acct_mgmt(3PAM),
and pam_open_session(3PAM).
Notice that they disagree on the order of the PAM calls.
When I wrote my patches I was referencing the Solaris documentation.
Perhaps the order doesn't matter, in practice.
If it does, then the order of pam_open_session() and pam_setcred()
calls may need to be reversed.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010119183250.9CBC612685>