Re: slow su? [solved]

To: John Nemeth <jnemeth%victoria.tc.ca@localhost>
Subject: Re: slow su? [solved]
From: David Holland <dholland-current%netbsd.org@localhost>
Date: Mon, 22 Aug 2011 02:29:30 +0000

On Sat, Aug 13, 2011 at 04:23:55PM -0700, John Nemeth wrote:
 > } Yup. I was told that the fix I proposed (causing missing modules to
 > } always fail) was unacceptable. Apparently the PAM semantics are so
 > } fragile that any change to make it more robust also makes it fail open
 > } in obscure ways, or something like that.
 > 
 >      If I recall right, my reading of the PAM spec was that it should
 > ignore missing modules, but I don't have the spec in front of me at the
 > moment.  When I asked you about it, you just handwaved and said that
 > somebody you know that is supposedly a PAM expert said it would be a
 > bad idea without providing any details.  I sure would like to know why
 > we shouldn't just follow the spec...

I no longer remember who I was talking to then, but if it wasn't you
chances are it was one of the linux-pam people. My vague recollection
is that it was you that told me it wasn't acceptable but I guess that
must be entirely wrong.

-- 
David A. Holland
dholland%netbsd.org@localhost

References:
- Re: slow su? [solved]
  - From: David Holland
- Re: slow su? [solved]
  - From: John Nemeth

Prev by Date: Re: replace PAM with BSD Auth (was: slow su? [solved])
Next by Date: Re: something broken w/ native bmake?
Previous by Thread: Re: slow su? [solved]
Next by Thread: daily CVS update output
Indexes:

Home | Main Index | Thread Index | Old Index