Table of Contents
OpenPAM Lycopsida
Known errata:
OpenPAM Lycopsida was released on 2011-12-18.
-
ENHANCE removed static build autodetection, which didn't work anyway. Use an explicit, user-specified preprocessor variable instead.
-
ENHANCE cleaned up the documentation a bit.
-
ENHANCE added
openpam_subst(3)
, allowing certainPAM
items to be embedded in strings such as prompts. Apply it to the prompts used bypam_get_user(3)
andpam_get_authtok(3)
. -
ENHANCE added support for the
user_prompt
,authtok_prompt
andoldauthtok_prompt
module options, which override the prompts passed by the module topam_set_user(3)
andpam_get_authtok(3)
. -
ENHANCE rewrote the policy parser to support quoted option values.
-
ENHANCE added
pamtest(1)
, a tool for testing modules and policies. -
ENHANCE added code to check the ownership and permissions of a module before loading it.
-
ENHANCE added / improved input validation in many cases, including the policy file and some function arguments. (CVE-2011-4122)