Re: [hackers] [slock] Unify how we check passwords between different OSes

From: FRIGN <dev_AT_frign.de>
Date: Tue, 6 Sep 2016 20:55:42 +0200

On Tue, 6 Sep 2016 20:52:05 +0200
Quentin Rameau <quinq_AT_fifth.space> wrote:

>

I second this patch. As a side-note, this patch is necessary and gives
the ground work for a patch by me that drops privileges after the getpw
function.
Previously on OpenBSD, slock would _never_ drop privileges, which is
not a very sane thing to do. If this patch is applied, I'll send my
patch for slock as well to do the privilege drop properly.
Currently, the privilege drop on Linux does not reset supplementary
groups; this is adressed in the upcoming patch as well.

Cheers

FRIGN

-- 
FRIGN <dev_AT_frign.de>
Received on Tue Sep 06 2016 - 20:55:42 CEST

This archive was generated by hypermail 2.3.0 : Tue Sep 06 2016 - 21:00:22 CEST