From: Pankaj Garg <gargp@acm.org>
To: "Chad C. Walstrom" <chewie@wookimus.net>
Cc: help-gnats@gnu.org
Subject: Re: Preparing 4.1...
Date: Sun, 31 Oct 2004 14:03:00 -0000 [thread overview]
Message-ID: <AB82CD1E-2B45-11D9-AB0B-000D93336F56@acm.org> (raw)
In-Reply-To: <20041029213319.GA14062@wookimus.net>
Yes, I'll put a cautionary note in gnats.texi.
I don't think we can block modules selectively. Anyhow, people
using PAM modules should know what they are doing, and will
be careful of security issues, specially if we warn them.
I'm under the impression that if you use a client and server
on the same machine, then there is no security problem. Is this
correct?
Pankaj
On Oct 29, 2004, at 2:33 PM, Chad C. Walstrom wrote:
> I'm going to hold off on the PAM patch for just a while longer.
> Pankaj,
> do you think it would be possible to add a cautionary note in
> gnats.texi
> regarding the security problems in exposing the PAM to GNATS
> authentictation (i.e. plain-text network protocol sniffing)? For
> example, we should suggest that administrators not authenticate system
> accounts through GNATS. Rather, give suggestions for using other PAM
> modules to authenticate against alternate passwd or db format files.
>
> (Is it possible to blacklist pam modules for use w/gnats?)
>
--
Pankaj K Garg garg@zeesource.net
1684 Nightingale Avenue 408-373-4027
Suite 201 408-733-2737(fax)
Sunnyvale, CA 94087 http://www.zeesource.net
_______________________________________________
Help-gnats mailing list
Help-gnats@gnu.org
http://lists.gnu.org/mailman/listinfo/help-gnats
next prev parent reply other threads:[~2004-10-31 14:03 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-10-29 21:33 Chad C. Walstrom
2004-10-31 14:03 ` Pankaj Garg [this message]
2004-11-01 19:09 ` Pankaj Garg
2004-11-03 22:39 ` Chad C. Walstrom
2004-11-03 22:46 ` Chad C. Walstrom
-- strict thread matches above, loose matches on Subject: below --
2004-06-10 21:20 CVS, Documentation, TODO Lists, New Maintainer, and Stuff Chad C. Walstrom
2004-06-10 21:44 ` Chad C. Walstrom
2004-06-13 8:51 ` Mel Hatzis
2004-06-13 23:01 ` Andrew Gray
2004-06-11 22:28 ` Yngve Svendsen
2004-06-14 17:07 ` Pankaj K Garg
2004-06-14 17:16 ` Chad C. Walstrom
2004-06-20 17:39 ` PAM Authentication Patch Pankaj K Garg
[not found] ` <gargp@earthlink.net>
2004-06-20 17:59 ` Mark D. Baushke
2004-06-21 7:25 ` Chad Walstrom
2004-06-21 15:26 ` Chad Walstrom
[not found] ` <chewie@wookimus.net>
2004-06-21 15:34 ` Mark D. Baushke
2004-11-04 1:27 ` Preparing 4.1 Mark D. Baushke
2004-11-04 3:15 ` Chad Walstrom
2004-11-04 19:15 ` Chad Walstrom
2004-11-17 23:26 ` Chad Walstrom
2004-06-21 16:13 ` PAM Authentication Patch Chad Walstrom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AB82CD1E-2B45-11D9-AB0B-000D93336F56@acm.org \
--to=gargp@acm.org \
--cc=chewie@wookimus.net \
--cc=help-gnats@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).