-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/05/2010 07:22 PM, Chris Smart wrote: > On Fri, Sep 3, 2010 at 11:15 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: >> I am not sure what system-config-authorization is doing, is it setting >> up pam_oddjob_mkhomedir or pam_mkhomedir. It would be better if it used >> pam_oddjob_mkhomedir. > > It appears to be setting up pam_mkhomedir.. > > -c I think there is a open bug report about changing this to use pam_oddjob_mkhomedir. The problem with pam_mkhomedir is that it runs under the context of the login programs, which requires us to give all login programs the ability to manage all content within the users homedir. We are trying to confine apps like sshd/xdm/rlogind from this access, to prevent flaws that could reveal data in the homedir without have a login password. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkyGVIAACgkQrlYvE4MpobOBdwCgjMipL9Ev4ZILGtv7E8Q5gs4I 5q4AnifmE2BwZZEeq3Z6iiYMMKLrSth7 =lUPe -----END PGP SIGNATURE----- -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
