The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Need status reports on PAM and LIBC 6, please

To: clameter@waterf.org (Christoph Lameter), "Andrew G. Morgan" <morgan@parc.power.net>
Subject: Re: Need status reports on PAM and LIBC 6, please
From: bruce@pixar.com (Bruce Perens)
Date: Thu, 16 Jan 97 12:39 PST
Cc: debian-private@lists.debian.org, morgan@lalug.org, bruce@pixar.com, galenh@micron.net
Importance: low
Priority: non-urgent
Reply-to: Bruce Perens <Bruce@Pixar.com>
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"n8XZg3.0.B46.jAfto"@master.debian.org>
Resent-reply-to: debian-private@lists.debian.org
Resent-sender: debian-private-request@lists.debian.org

Andrew,

Please forgive me for not being up to speed on PAM. I asked Debian
maintainers for a go or no-go on incorporating it in our next release
and got mixed signals.

Obviously we can take the Red Hat patches (they don't mind) or we can
make our own - it makes more sense for our packages to use the PAM
_interface_ right away, so that we don't have to change everything twice.
What I think I would like to do is use that interface but only support
conventional /etc/passwd and shadow password support (and perhaps other
modules that you tell us are solid) until you make your formal 1.0
release.

The constraints we are under are:

    1. We must do a feature-freeze soon if we are to have an adequate
       testing period.  Thus, we need the mimimum feature
       set that we want to support there within two weeks at most.

	2. We can't put in features that are so unstable that they generate
       lots of customer service calls.

In your asessment, can we go with PAM without shooting ourselves in the
foot?

	Thanks

	Bruce Perens
	Debian Project Leader

! From: "Andrew G. Morgan" <morgan@parc.power.net>
! pam-0.55 only has two known bugs: pam_warn and pam_mail are broken.. These
! will be fixed in the next alpha release: 0.56preA, but are not
! vital/necessary for the operation of a Linux box. (There are a number of
! modules that use libpwdb -- you can choose not to build these when you
! compile with a top-level Makefile define.)
! 
! I would be more concerned that you have sufficient login etc.. applications
! that use PAM and can fill your system with. I have written three from
! scratch: su/login and passwd. The first two do not use libc's getpw..
! functions but libpwdb instead. It should not be that hard to make them use
! libc if you really need this, but then they will have trouble with radius
! and all the other things that are getting integrated into libpwdb.
! 
! On the other hand Red Hat have done the work to hack most applications (ftp
! etc. included) to use pam. They have been shipping their distributions with
! PAM for 5 months now. Incidentally, they use su and login based on the poe
! ones, but their passwd application is an older version of mine.
! 
! > galenh >I've been having a terrible time with the 0.55 sources, which I
! > galenh >downloaded out of curiosity.  My gut feeling is "no go".  Let's just
! 
! If there are any problems regarding PAM I would appreciate some email on
! them. PAM is being deployed around the world at a frighteningly fast rate.
! All problems are potential security problems and I will sleep better at
! night to think they are being fixed. At the very least, difficulties
! configuring PAM should be better explained in the documentation.
! 
! > galenh >deploy shadow password support, PAM supports shadow passwords anyway.
! > galenh >Does anybody have a more informed opinion?
! 
! For the record 1.00 will be the first official release (which I will
! announce on c.o.l.a). I anticipate this will be before June. All releases
! prior to this are beta. Anything with a 'pre' in the title is alpha.
! 
! Best wishes
! 
! Andrew
--
Bruce Perens K6BP   Bruce@Pixar.com   510-215-3502
Finger bruce@master.Debian.org for PGP public key.
PGP fingerprint = 88 6A 15 D0 65 D4 A3 A6  1F 89 6A 76 95 24 87 B3 


--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Follow-Ups:
- Re: Need status reports on PAM and LIBC 6, please
  - From: "Andrew G. Morgan" <morgan@parc.power.net>
- Re: Need status reports on PAM and LIBC 6, please
  - From: Chris Fearnley <cjf@netaxs.com>

Prev by Date: Re: Rethinking UPMs package format
Next by Date: Re: Need status reports on PAM and LIBC 6, please
Previous by thread: Re: Need status reports on PAM and LIBC 6, please
Next by thread: Re: Need status reports on PAM and LIBC 6, please
Index(es):
- Date
- Thread