https://bugzilla.mindrot.org/show_bug.cgi?id=2246
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Damien Miller <[email protected]> --- I think it would be better to support a couple of %-escapes in PAMServiceName. E.g. PAMServiceName sshd-%m where %m is replaced with the authentication method in use. Some others for port number and interface address might make sense too. Also, I don't think the proposed patch is correct - there is state in auth-pam.c that should be stored separately per service name. E.g. a PAM stack for password auth might set sshpam_account_status. Later, a different authentication method might be tried resulting in a different PAM stack being executed, but this cached value will still be preferentially used. This could allow access inappropriately (or vice-versa) -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
