Hello, Dag-Erling. You wrote 3 сентября 2013 г., 15:30:43: >> des@ suggests to have ability to pass env variables from authorization >> daemon, but anyway, pam_setcred() should be called by shell process >> (or its parent), and not any process in system, am I right? DES> Everything pam_setcred() does can be done in a separate process, and the DES> result returned to the application using sendmsg(). Why do we need separate daemon for it? Why it could not be built-in to sshd itself? One more daemon -- one more point of failure...
-- // Black Lion AKA Lev Serebryakov <[email protected]> _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
