[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_setcred & pam_open_session



On Sun, 2001-11-18 at 13:15, Steve Langasek wrote:

> Having worked extensively with pam_krb5 and the issues you describe, I
> definitely believe this should be changed from a "can/should" to a
> "must".  The change will ultimately be driven by application writers who
> need to support the complexities of Kerberos-like systems; I think more
> and more applications are doing things the right way now, precisely
> because of Kerberos.

For portability sake, I should mention that Solaris 8's pam_krb5 has
rather unique behavior.  pam_authenticate updates the ccache, and
pam_setcred with PAM_REINITIALIZE_CRED just dumps core.  This is just
the beginning of the troubles with pam_krb5 from Sun, though.  I will
try to refrain from off-topic rants about Sun's Kerberos code.

Mike






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []