Assar Westerlund <[EMAIL PROTECTED]> wrote:
>Peter Jeremy <[EMAIL PROTECTED]> writes:
>> We need to be able to build an application that has no dynamically
>> loaded code for recovery purposes (/stand and /sbin) as well as for
>> security.
>
>Isn't that the same problem as with PAM?
Quite probably PAM has the same problem. I haven't bumped into it
with PAM, so I can't be sure. I definitely wouldn't like to get into
the situation where init can fail to load (or be unable to validate
the single-user password for a secure console) because the appropriate
encryption library is on a partition that isn't mounted yet (or has
been corrupted somehow).
The idea of being able to dynamically add new password encrytion
schemes (PAM) or database access methods (NSS) is generally good.
The problems appear when you try to marry these schemes with the
system security and initialisation/recovery tools (which need to
rely on and trust a minimal subset of the system).
Peter
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
