
$Id: CHANGELOG,v 1.10 1999/03/28 08:16:50 saw Rel $

-----------------------------

* Protection against std{in,out} abuse was implemented for setuid-root
  programs (su and passwd).

* A few bugs were fixed.

* When 'su' is invoked in a login mode ('su -') ut_sid field of utmp structure
  is set to the parent (su) pid.  The previous versions write child (shell) pid
  in the utmp file.  I think that parent pid is more close to the ut_sid field
  definition: getsid(2) result for this process group.

* '.-c' include files were converted into normal C files.
  The applications are linked with the corresponding '.o' files.

* Makefiles were cleaned up.  configure.in script for GNU autoconf
  was created.

* Source code was restructurized.  Pluggable library dependent code
  were moved to pamapps and pniamapps directories.  Common code
  was moved into the common directory.

* PNIAM support was started.

0.58 Fri Jun 12 17:55:21 MSD 1998, Andrey V. Savochkin <saw@msu.ru>

* utmp_{open,close}_session() were modified to fail gracefully.

* pam_get_user() abuse was removed from utmp_open_session.

* wtmp file locking was rewritten.

* unnecessary malloc()s were eliminated from utmp_{open,close}_session().

* more accurate struct utmp clearing was implemented. Glibc had introduced
  additional fields and could do it further.

* utmp search was rewritten to be more compatible with libc.

* protection against unexpected SIGPIPEs was implemented.

* TODO file was revived.


0.57 Andrey V. Savochkin <saw@msu.ru>

* a major code cleanup in 'su'.


0.56 whenever

* will only compile against libpam-0.59+

* added a default path for login's (both 'su -' and 'login')

* added new setuid binary: changeroot.

* removed default logout message (you can put it back if you like).

* port to Linux/Alpha (glibc has semi-broken utmp handling)

* reworked signal handling in 'su' to be a little more robust (Andrey
  V. Savochkin).  'suspend' is working again...

* 'su' does not set LOGNAME and HOME unless we are entering a login
  shell (Andrey V. Savochkin).


0.55 Tue Jun 24 08:05:15 PDT 1997, Andrew G. Morgan <morgan@linux.kernel.org>

* added pam_close_session in the case that acquiring credentials fails
  -- both su and login (bug report Mark Lillywhite).

* slightly more reasonable default configurations are included. (since
  the rpm will now try to install them on your system).

* $HOME works again for 'su -'

* addded conditional compilation of pwdb to passwd (uses pwdb's getlogin)

* tidy up in Makefile and su made more impervious to being kill()ed

* fixed two typos in login and passwd manuals: critical -> requisite

* su can now be run without taking its input from a tty.  This is only when
  it is run by the superuser.


0.54 Sun Feb 23 22:07:26 PST 1997 <morgan@linux.kernel.org>

* pam_fail_delay() conditional on HAVE_PAM_FAIL_DELAY

* Tidied up environment handling

* Oops. :*[ Open sessions before adding user credentials. Somehow I
  had these in the other order.

* can compile with or without libpwdb (see the top level makefile)

* All POSIX environment variables are mapped onto the user's environment

* 'su -' now resets the u/wtmp entries for the user. logname now works
  as expected.


0.53 Tue Jan 28 19:17:04 PST 1997 (Andrew Morgan <morgan@linux.kernel.org>)

* reorganized login - utilized timeout features of the conversation
  function in libpam_misc. lastlog and mail are handled by session
  modules now

* login wtmp handling stabilized

* su and login now share a lot of code. I have placed the official
  code in login and symlinked this .-c code from the su directory

* added man pages for login, su and passwd.

* initialize groups before calling pam_setcred. (No longer using the
  "localgids" pwdb entry with login)

* passwd takes -k and -N (service name suffix flag..)
