From 6aa04390517d0559a0a671a994bdc18e1b50fc81 Mon Sep 17 00:00:00 2001
From: Dante Catalfamo
Date: Mon, 2 Nov 2020 16:52:09 -0500
Subject: bsd-auth: update date, move comment

---
 .../WIP-how-bsd-authentication-works/index.org     | 39 +++++++++++-----------
 1 file changed, 19 insertions(+), 20 deletions(-)

(limited to 'content/posts/WIP-how-bsd-authentication-works')

diff --git a/content/posts/WIP-how-bsd-authentication-works/index.org b/content/posts/WIP-how-bsd-authentication-works/index.org
index 898b634..6126207 100644
--- a/content/posts/WIP-how-bsd-authentication-works/index.org
+++ b/content/posts/WIP-how-bsd-authentication-works/index.org
@@ -1,5 +1,5 @@
 #+TITLE: How BSD Authentication Works
-#+DATE: 2020-06-26T18:31:36-04:00
+#+DATE: 2020-11-02T16:49:46-05:00
 #+DRAFT: true
 #+DESCRIPTION:
 #+TAGS[]: openbsd
@@ -657,25 +657,6 @@
 
   <<here>>
 
-** COMMENT note
-
-  ---
-  note: In the man page auth_subr it says
-  #+begin_quote
-  path    The full path name of the login script to run.  The call will
-               fail if path does not pass the requirements of the secure_path(3)
-               function.
-  #+end_quote
-  However I don't see this enforced anywhere, I even wrote a small test
-  script to prove that's the case on =vfwall ~/authtest=.
-
-  The manpage also says the path is limited to =/bin/= and =/usr/bin=,
-  which is also not the case.
-
-  Ask jcs about the file descriptor situation, I don't understand it
-  after reading both the man page and source.
-  ---
-
 ** _auth_next_arg
    #+BEGIN_SRC c
    static char *_auth_next_arg(auth_session_t *as)
@@ -795,3 +776,21 @@ It creates an auth session struct.
 If the password is provided it sets the service type to =response=,
 and adds the adds the password to the auth data. Otherwise it
 leaves it empty.
+* COMMENT note
+
+ ---
+ note: In the man page auth_subr it says
+ #+begin_quote
+ path    The full path name of the login script to run.  The call will
+              fail if path does not pass the requirements of the secure_path(3)
+              function.
+ #+end_quote
+ However I don't see this enforced anywhere, I even wrote a small test
+ script to prove that's the case on =vfwall ~/authtest=.
+
+ The manpage also says the path is limited to =/bin/= and =/usr/bin=,
+ which is also not the case.
+
+ Ask jcs about the file descriptor situation, I don't understand it
+ after reading both the man page and source.
+ ---
-- 
cgit v1.2.3