From 9617d95c12330d5ef00b192dcc8f092ec3fc31a4 Mon Sep 17 00:00:00 2001 From: Xe Date: Tue, 9 Nov 2021 21:03:29 -0500 Subject: [PATCH] american education fucks you up for life Signed-off-by: Xe --- talks/surreal-horror-pam-2021-11-09.markdown | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/talks/surreal-horror-pam-2021-11-09.markdown b/talks/surreal-horror-pam-2021-11-09.markdown index a077602..ad8114b 100644 --- a/talks/surreal-horror-pam-2021-11-09.markdown +++ b/talks/surreal-horror-pam-2021-11-09.markdown @@ -190,6 +190,8 @@ random boilerplate code to deal with PAM’s complexities, making sure that the ABI functions are exposed correctly and other helpers to grab things from tailscaled with unix sockets. +[https://github.com/tailscale/pam](https://github.com/tailscale/pam) + This is written in Rust because I personally believe that writing security critical components that we would ship with the operating system in C is a massive disservice to our users. Go also doesn’t really have a good story to do @@ -219,7 +221,7 @@ that command will not work. However you should see something like this: It would be really cool to flesh this out as a full product. I feel this could really make people’s lives a lot easier. The hard part is going to be making -sure that this absolutely has security experts pour over this to make sure that +sure that this absolutely has security experts pore over this to make sure that this is _actually_ safe. I’m fairly sure that it is safe as it is, but right now this is an uberhammer that lets you log in as root if you get SSH access to a system. I would love to have this send a TSMP message to have a GUI prompt