[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_autologin



On Tue, Apr 30, 2002 at 10:24:25AM +1000, Tim Johnston wrote:

> As a practical matter the security issues you raise aren't of any interest
> at all - they are completely irrelevant.

> The WHOLE POINT of all this is that is intended for a LOCAL LAN, with
> controlled access, and no login access from outside. If that wasn't the
> situation, it would probably be inadvisable to use this module.  Was
> that really not clear from my message ?

It was clear that you intended for the module to be used primarily for
granting access to users on a local network.  It was /not/ clear that
you intended for your security model to be totally dependent on the
strength of your firewall, which is effectively the case if you don't
protect against spoofing DNS to match a tty name.

> Incidentally, why do you post your messages as attachments ? My
> impression is that plain text is the universal standard of lists and
> newsgroups.

I would suggest that you consider using a more standards-compliant mail
client.

Steve Langasek
postmodern programmer

Attachment: pgp00006.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []