Controlling PAM modules
freebsd-security at dfmm.org
freebsd-security at dfmm.org
Wed Sep 17 13:13:21 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Do i have any standard way to skip one of the PAM module
> with out changing the service conf file.
Why do you not want to change the per-service conf files? Those files
_are_ the database.
There are a bunch of strategies that you could use to, e.g., maintain your
alterations as a diff to the base-system config so to make upgrades
easier, but a) to answer your question, no, there's nothing standard for
that, and b) that is an especially risky approach - you could completely
break your security, letting anyone in, or locking legitimate users out,
etc.
-Jason
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg
iD8DBQFI0PwqswXMWWtptckRAqLsAJ9taCFEPfVGwY6Rrt3qtLuHVvmNDwCfatyl
S++ho4Gf4Zl/3E6Vjkks26o=
=gGZG
-----END PGP SIGNATURE-----
More information about the freebsd-security
mailing list