> > 1) su on passwordless accounts.
> > (a) `su <passwordless>' now bogusly prompts for a password. It lets
> > you in if you type an empty password.
> > (b) `echo somecommand | su <passwordless>' now bogusly prompts for
> > a password. su doesn't find a password, and exits without printing
> > anything or running `somecommand'. I use the latter form a lot.
Feature, not bug. PAM has been told to use "unix" authentication.
You can override this by setting
su auth required pam_permit.so
instead of
su auth required pam_unix.so try_first_pass
in /etc/pam.conf.
For situations where some accounts have passwords and some don't, play
with the third word - "required" may become "sufficient" etc.
> (2) static linkage of rshd. Previously, only static linkage of many other
> > commands that are linked to libpam was broken (ftpd was one).
Those patches of yours look reasonable.
M
--
Mark Murray
Warning: this .sig is umop ap!sdn
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message