Automatic testing of pam modules
Thorsten Kukuk
kukuk at suse.de
Mon Jun 30 12:15:22 UTC 2008
On Mon, Jun 30, rozelak at volny.cz wrote:
>
> Hallo Hannes,
>
> > --- On Mon, 6/23/08, rozelak at volny.cz <rozelak at volny.cz> wrote:
> > > did you just compiled your own pam library to use paths
> > > from env variables, or did you also do some hacks which
> > > sould be useful?
> >
> > I primarily patched the latest version to obtain pathnames
> > from environment variables. I also directed system logging
> > to a file. My aim, however, was to modify the original PAM
> > code as little as possible, since I want to reduce the
> > possibility of introducing anomalous behaviors due to the
> > changes themselves (is that Heisencode? :-).
> >
>
> Great! I absolutely agree with the effort not to affect the ordinary
> PAM (the code used when PAM is integrated within system). Were the modifications
> accepted into PAM project? Could you send me the code with your modifications?
It was not send to the PAM project (at least I never got something).
>From what I understand how it works I would also not accept it, since
it would create a big security hole.
It would be really better to work only with a copy of libpam
configured with different paths.
Thorsten
--
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)
More information about the Pam-list
mailing list