Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 22 May 2012 20:22:58 +0200
From: aep <aep@...s.org>
To: <musl@...ts.openwall.com>
Subject: Re: make -i with linux-pam


On Tue, 22 May 2012 18:51:50 +0200, Christian Neukirchen wrote:

> A bit OT: I realize utmp has major flaws, but the feature itself 
> (seeing
> which users are logged in) I consider useful,

That ... actually is the flaw.

> for machines with more
> than one user.  How else can that be done?

If your requirements are identical to utmp (only one possible login 
mechanism, compromising user privacy is intended), then utmp is the way 
to go.
What's from the 60s, is just cramming it into libc and giving John Doe 
write access for logging his lunch times.
Which is why i argued not to make it a stub, but instead fail compiling 
and let users figure out where to get a logwtmp from (maybe even 
submitting it upstream to pam!)
People actually using PAM, will probably also want "who" to work, and 
if pam is the god given login system on your machine, then there's 
nothing wrong with giving it exclusive utmp access.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.