[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PAM authentication patch - v2

From: Brian Murphy
Subject: Re: PAM authentication patch - v2
Date: Fri, 18 Apr 2003 11:07:17 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020623 Debian/1.0.0-0.woody.1

Max Bowsher wrote:

No, but is there any functional benefit from ignoring the warnings?
Yes. It gives the flexibility that making a soft link to the cvs binary gives a new
pam configuration. SSH is also configured this way.

The warnings:

They are quite emphatic about it.

Since there are valid reasons to run cvs setuid or setgid, is this worth the

How many people actually use cvs this way? There is nothing
in the documentation saying how to use cvs suid and in fact recommends to
use pserver to do the things you might want to do via an suid binary.

If you do decide it is worth the risk, I'm sure cautious sysadmins would
appreciate a configure option to force hardcoding.

I will do this, I would also prefer to have this option.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]