10.1 BETA2 World - Breaks saslauthd
Brandon Allbery
allbery.b at gmail.com
Thu Sep 25 15:18:55 UTC 2014
On Thu, Sep 25, 2014 at 11:12 AM, Tim Daneliuk <tundra at tundraware.com>
wrote:
> Yup, that worked. Thanks! Now, for those of us less than smart, could
> you explain why this was necessary in context of that MFC?
>
To me the implication is that before the MFC, PAM had a potentially quite
severe security issue involving either incorrect fallback to a default
configuration or not correctly handling error returns from a PAM stack ---
either of which could result in unauthorized users being permitted access.
--
brandon s allbery kf8nh sine nomine associates
allbery.b at gmail.com ballbery at sinenomine.net
unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net
More information about the freebsd-stable
mailing list