OpenBSM questions
Garrett Wollman
wollman at bimajority.org
Sat Jul 14 18:28:57 UTC 2007
<<On Sat, 14 Jul 2007 16:45:14 +0100 (BST), Robert Watson <rwatson at freebsd.org> said:
> This is correct -- login services must be modified to properly set up user
> audit state at login. I am not familiar with work relating to this with xdm,
> kdm, gdm, etc, but it would be very good to see this happen.
Surely this is something that belongs in a PAM module...? The whole
point of the PAM framework is that you should *not* have to modify
every program that does a login when new mechanisms are introduced or
policy changes.
-GAWollman
More information about the freebsd-security
mailing list