Regarding PAM_TTY_KLUDGE and Solaris 8...
Markus Friedl
markus at openbsd.org
Fri Oct 26 22:11:13 EST 2001
On Fri, Oct 26, 2001 at 10:14:21AM +1000, Damien Miller wrote:
> On Thu, 25 Oct 2001, Ed Phillips wrote:
>
> > What is the reasoning behind this? Do we want to see a lastlog entry for
> > "ssh" whenever a user runs remote command? Do other OSes have
> > pam_open_session that does more meaningful things than Solaris 8?
> > Well... I guess the more I think about it, it's probably better to go
> > ahead an call pam_open_session even for the non-interactive case since
> > someone might want to implement a PAM module at their site that logs every
> > ssh connection... and if we don't call pam_open_session, then they don't
> > even have that capability if they wanted it.
>
> Some people set rlimits using session modules. Someone even filed a Bugtraq
> report about it.
is this the right way?
isn't this an abuse of the PAM module? (perhaps file a Bugtraq report...)
More information about the openssh-unix-dev
mailing list