[plug] ppp + authentication
Michael Hunt
michael.j.hunt at usa.net
Fri Sep 15 04:39:39 WST 2000
> List,
>
> Not sure where I am going now with this problem. So far I have managed
> to use pam_smb with console logins but with ppp I it appears to be still
> using /etc/passwd.
Not that this is an answer to your question but as you are only just
implementing this you may want to check out the following security advisory
that I saw on Linux Weekly News Web Site. (http://lwn.net/)
pam_smb remotely-exploitable stack buffer overflow. A remotely-exploitable
stack buffer overflow has been reported in the pam_smb pluggable
authentication module. This is a severe vulnerability, which could lead to a
remote root compromise. All versions of pam_smb prior to 1.1.6 are affected.
If you are using Samba and pam_smb, an immediate upgrade is strongly urged.
Though you might find that useful to know before you did get it working and
put it in a production environment.
Michael Hunt
More information about the plug
mailing list