NetBSD/dist/openpam
drochner 8e6899dea3 Don't allow '/' characters in the "service" argument to pam_start()
The "service" is blindly appended to config directories ("/etc/pam.d/"),
and if a user can control the "service" it can get PAM to read config
files from any location.
This is not a problem with most software because the "service" is
usually a constant string. The check protects 3rd party software
from being abused.
(CVE-2011-4122)
2011-11-09 20:26:41 +00:00
bin
doc Bump date for previous. 2010-03-20 11:24:29 +00:00
include Apply r432 from openpam repository: 2010-03-19 18:16:14 +00:00
lib Don't allow '/' characters in the "service" argument to pam_start() 2011-11-09 20:26:41 +00:00
misc
modules
aclocal.m4
autogen.sh
compile
config.guess
config.h.in
config.sub
configure
configure.ac
CREDITS
depcomp
HISTORY
INSTALL
install-sh
LICENSE
ltmain.sh
Makefile.am
Makefile.in
missing
README
RELNOTES

OpenPAM is an open source PAM library that focuses on simplicity,
correctness, and cleanliness.

OpenPAM aims to gather the best features of Solaris PAM, XSSO and
Linux-PAM, plus some innovations of its own.  In areas where these
implementations disagree, OpenPAM tries to remain compatible with
Solaris, at the expense of XSSO conformance and Linux-PAM
compatibility.

These are some of OpenPAM's features:

   - Implements the complete PAM API as described in the original PAM
     paper and in OSF-RFC 86.0; this corresponds to the full XSSO API
     except for mappings and secondary authentication.  Also
     implements some extensions found in Solaris 9.

   - Extends the API with several useful and time-saving functions.

   - Performs strict checking of return values from service modules.

   - Reads configuration from /etc/pam.d/, /etc/pam.conf,
     /usr/local/etc/pam.d/ and /usr/local/etc/pam.conf, in that order;
     this will be made configurable in a future release.

Please direct bug reports and inquiries to des@freebsd.org.

$Id: README,v 1.1.1.2 2008/01/27 00:54:48 christos Exp $
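
The check described in the commit message above, applied to the policy directories the README lists, as an added example that is not code from the OpenPAM or NetBSD sources. The helper names service_name_ok and policy_path, the sample service names, and the rejection of NULL or empty names are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Policy directories named in the README, in its search order.  The
 * pam.conf files are single files, not built from the service name. */
static const char *const policy_dirs[] = {
    "/etc/pam.d/",
    "/usr/local/etc/pam.d/",
};
#define NDIRS (sizeof(policy_dirs) / sizeof(policy_dirs[0]))

/* Hypothetical helper: 1 if the name may be appended to a directory.
 * Rejecting '/' is the check from the commit message; rejecting NULL
 * and the empty string is an assumption added here. */
int service_name_ok(const char *service)
{
    if (service == NULL || *service == '\0')
        return 0;
    return strchr(service, '/') == NULL;
}

/* Hypothetical helper: write the policy path for directory i into buf.
 * Returns 0 on success, -1 for a rejected name, bad index or truncation. */
int policy_path(size_t i, const char *service, char *buf, size_t len)
{
    int n;

    if (i >= NDIRS || !service_name_ok(service))
        return -1;
    n = snprintf(buf, len, "%s%s", policy_dirs[i], service);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample names: one constant-style, one caller-controlled. */
    const char *names[] = { "sshd", "../../tmp/policy" };
    char buf[128];
    size_t i, d;

    for (i = 0; i < 2; i++)
        for (d = 0; d < NDIRS; d++)
            if (policy_path(d, names[i], buf, sizeof(buf)) == 0)
                printf("%s -> %s\n", names[i], buf);
            else
                printf("%s -> rejected\n", names[i]);
    return 0;
}
```

Validating the name before any path is built means a caller-supplied service can only ever select a file directly inside one of the fixed policy directories.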