Regarding PAM_TTY_KLUDGE and Solaris 8...
Damien Miller
djm at mindrot.org
Fri Oct 26 10:14:21 EST 2001
On Thu, 25 Oct 2001, Ed Phillips wrote:
> What is the reasoning behind this? Do we want to see a lastlog entry for
> "ssh" whenever a user runs remote command? Do other OSes have
> pam_open_session that does more meaningful things than Solaris 8?
> Well... I guess the more I think about it, it's probably better to go
> ahead an call pam_open_session even for the non-interactive case since
> someone might want to implement a PAM module at their site that logs every
> ssh connection... and if we don't call pam_open_session, then they don't
> even have that capability if they wanted it.
Some people set rlimits using session modules. Someone even filed a Bugtraq
report about it.
-d
--
| By convention there is color, \\ Damien Miller <djm at mindrot.org>
| By convention sweetness, By convention bitterness, \\ www.mindrot.org
| But in reality there are atoms and space - Democritus (c. 400 BCE)
More information about the openssh-unix-dev
mailing list