tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: suenv

On Tue, Oct 23, 2012 at 04:55:16PM +0200, Emmanuel Dreyfus wrote:
> Thor Lancelot Simon <> wrote:
> > > Background: libpthread is tagged as not loadable by dlopen() in
> > > NetBSD-6.0. This breaks PAM modules that are linked with -lpthread or
> > > that dlopen() other objects linked with -lpthread. 
> > 
> > Don't do that, then.
> Well, it is a shame that pam_p11 and pam_pkcs11 ceased to work on NetBSD
> with the 6.0 release. Do you advocate it should be left as is?

I advocate that this is eminently better than pretending security software
(that had trivially detectable buffer overruns) "worked" when in fact it
worked, if at all, only more often than not.

If those two modules have bugs, the bugs should be fixed.  Breaking
NetBSD to accomodate those modules' bugs is not an option! 

Home | Main Index | Thread Index | Old Index