tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: BSD Auth

On 19-Aug-08, at 12:23 AM, SODA Noriyuki wrote:

On Mon, 18 Aug 2008 14:12:10 -0400,
        "Greg A. Woods; Planix, Inc." <> said:

Previous discussions resulted in nothing really and PAM was blasted
into the tree without taking into account any technical

Such summary is unfair.

I think it's pretty fair. No consensus was reached on the contentious points

From some points of view, PAM is more secure than BSD Auth, and that
was one of reasons why PAM was choosed.

I've never seen any real technical evaluation showing PAM to be more secure.

Show me where the evaluation is.

With PAM, password attack can be only done via programs who already
own root privilege.  With BSD auth, anyone can do password attack.
For practical example, "pkgsrc/security/pam-pwauth_suid" implements
restriction that a user can try only his own password.  BSD auth opens
wider window against such attack.

I'm not sure what you're trying to show here. Your second two sentences don't even seem to follow from the first two.

I'm also not sure why BSD Auth cannot also provide the same kind of restriction, though the very desire to do so requires separate evaluation of the policies defining who can gain root privs and how they must do so.

Another reason is that some features like Kerberos credential handling
cannot be implemented by BSD auth.

Actually that's not true at all.

It may not have been done, but that's far from saying it's impossible.

I don't remember the details or even where and when I posted it but I believe even I was able to show how Kerberos credentials could be handled without resorting to PAM or anything like it.

                                        Greg A. Woods; Planix, Inc.

Home | Main Index | Thread Index | Old Index