Is SuSE looking at using this system anytime soon?
--
Viel Spaß
Nix - nix@susesecurity.com
http://www.susesecurity.com
Begin forwarded message:
Date: Thu, 15 Nov 2001 22:56:58 +0100
From: Rafal Wojtczuk
To: announce@lists.openwall.com
Subject: tcb scheme implemented for Owl
Hello,
You may have noticed that recently a new package named "tcb" has been
added to Owl-current. It features the new implementation of pam_unix module
and the new method of storing password hashes. The interesting point is if
you invest your time in reading tcb(5) and tcb_convert(8) man pages, you
will be able to configure your Owl system so that many utilities can run
with low privileges. Most notably, passwd(1) does not need to be suid root.
Currently, new features are disabled by default. Soon during install
time one will be given a choice between the old shadowed passwords scheme and
the new tcb scheme. Meanwhile, we encourage you to test new tcb features and
share with owl-users@lists.openwall.com the experience gained.
You may also be interested that on 23-25th November there will be held
a Linux conference, which will feature a talk on Owl. The event is named
JWGL (http://www.7bulls.com/JWGL), it is held near Warsaw, Poland. It is the
fourth edition of the conference which focuses on professional Linux and GNU
software appliances. The event is mostly local (the speeches are given in
Polish), but if you want to meet Richard Stallman personally, this is the
occasion :)
The JWGL Owl talk will cover amongst others:
- Owl security and design concepts
- software developed for the needs of Owl
- generic methods to improve software security (examples from Owl)
- the tcb scheme: the "least privilege" rule in flesh
