Date: Wed, 15 Jun 2011 23:49:06 +0200
From: Nicolas François <nicolas.francois@...traliens.net>
To: oss-security@...ts.openwall.com
Cc: Ludwig Nussel <ludwig.nussel@...e.de>,
	Ondřej Vašík <ovasik@...hat.com>
Subject: Re: /bin/su (was: CVE request -- coreutils -- tty
 hijacking possible in "su" via TIOCSTI ioctl)

Hello,

On Wed, Jun 15, 2011 at 09:49:20AM +0200, Ludwig Nussel wrote:
> 
> Is there actually any serious distro that doesn't use PAM though?
> Those #ifdefs to keep old shadow compatibility make the code rather
> ugly and hard to read. Maybe it's time to just rip out the old code
> and submit a clean, PAM only su to util-linux.

I still receive bug reports for shadow-utils for the non-PAM variant.
(but I don't remember if these bugs were reported for su).
In my case, I would prefer to keep the su non-PAM variant as long as I
would support non-PAM variants for the other tools (or as long as I
support su).

Regarding distros without PAM, there might be Gentoo to be counted in the
list (although PAM is enabled by default).

Kind Regards,
-- 
Nekral
