Hello, You may have noticed that recently a new package named "tcb" has been added to Owl-current. It features the new implementation of pam_unix module and the new method of storing password hashes. The interesting point is if you invest your time in reading tcb(5) and tcb_convert(8) man pages, you will be able to configure your Owl system so that many utilities can run with low privileges. Most notably, passwd(1) does not need to be suid root. Currently, new features are disabled by default. Soon during install time one will be given a choice between the old shadowed passwords scheme and the new tcb scheme. Meanwhile, we encourage you to test new tcb features and share with owl-users@private the experience gained. You may also be interested that on 23-25th November there will be held a Linux conference, which will feature a talk on Owl. The event is named JWGL (http://www.7bulls.com/JWGL), it is held near Warsaw, Poland. It is the fourth edition of the conference which focuses on professional Linux and GNU software appliances. The event is mostly local (the speeches are given in Polish), but if you want to meet Richard Stallman personally, this is the occasion :) The JWGL Owl talk will cover amongst others: - Owl security and design concepts - software developed for the needs of Owl - generic methods to improve software security (examples from Owl) - the tcb scheme: the "least privilege" rule in flesh Save yourself, Nergal
This archive was generated by hypermail 2.1.3 : Sun Jan 15 2006 - 13:43:15 PST