I wrote: > > SimplePAMApps is a package that provides small PAM-only implementations > > of login, passwd, and su. It is essentially unmaintained upstream - so > > we're maintaining it ourselves. (Maybe we should be making releases of > > "our" SimplePAMApps separately from Owl.) On Sat, Jul 01, 2006 at 09:21:10PM -0600, Vincent Danen wrote: > Yeah, I finally updated my CVS copy of owl and started grepping for > passwd and found that. I was fiddling with it a bit before I had to > take off, and there's some gcc4 cleanup that's needed I think in order > for passwd to compile properly. If SimplePAMApps requires any fixes for gcc 4.1+, I'm sure Dmitry already has those implemented for ALT Linux's distributions. > But I plan on dropping that in on my test vm and see if that makes a > difference. If so, it'll be nice because our passwd is the only thing > that uses libuser, so if I can drop it, fantastic. The other stuff I > see in SimplePAMApps look to already be provided by util-linux, so the > only thing I'm really interested in is passwd. The implementations of all three utilities - login, passwd, and su - are smaller and likely safer than those from util-linux and the shadow suite. Owl-current on x86: -rwx------ 1 root root 18604 2006-05-06 03:56 /bin/login -rwx------ 1 root root 19120 2006-05-06 03:56 /bin/su -rwx--s--x 1 root shadow 6884 2006-05-06 03:56 /usr/bin/passwd RHEL3 Update 6 on x86: -rwxr-xr-x 1 root root 19868 Sep 14 2005 /bin/login -rwx------ 1 root root 46156 Jul 22 2005 /bin/su -r-s--x--x 1 root root 17700 Jun 25 2004 /usr/bin/passwd (the perms on /bin/su is a local change). > I should, now that I'm thinking of it, just try the passwd program from > the shadow-utils suite too... that might work. Yes, it might work, but I do not recommend it. > In fact, openwall was where I got the > idea of tagging stuff with -avx- or -fdr- or -mdk-, etc. FWIW, when Red Hat Linux was split into RHEL and Fedora, we continued to tag patches from Fedora with -rh-. We did not introduce a -fdr-. -- Alexander Peslyak <solar at openwall.com> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments
This archive was generated by hypermail 2.1.3 : Sat Jul 01 2006 - 20:49:13 PDT