Mike Leibowitz and folks on the security team are currently exploring this idea - it's not a wrong idea at all - I proposed the very same idea before the vacation.
Auke On Thu, Jan 9, 2014 at 8:36 AM, José Bollo <[email protected]> wrote: > Hi, > > We are facing problems with the commands 'su' and 'ssh' that don't set > the user Smack context. Such a service would naturally be accomplished > by PAM the pluggable authentication module that is integrated with well > known commands: 'login', 'su', 'ssh' and by other less known as Gnome > session manager or weston. > > Currently, the context is set by systemd. I would like to know if there > is a reason that explains that systemd doesn't use login+pam to achieve > that behaviour? > > I'm thinking that a pam_smack module would be the most integrated way of > doing the thing. Why would it be wrong to think that? Ideas? > > I've looked at what have to be done for making a pam_smack module and it > make me believe that it is really easy to achieve. > > Best Regards > José Bollo > > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
