Displaying 1 result from an estimated 1 matches for "dontcomplywiththepamspec".
2009 Jul 22
2
PAM_USER falsely assumed immutable
...'t change. See, for
example, http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/adg-security-user-identity.html
to say nothing of the fact that Rutgers has PAM modules that do exactly
that (change PAM_USER). This check needs to be relaxed (or, perhaps if you
want a config directive for DontComplyWithThePAMSpec = true, you can have
a tunable). Can this be as simple as ditching the call to
auth_request_set_field, or is there concern over interactions between PAM
and other auth features?