|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: PAM applications running as root (Was Re: WebTrends Enterprise
Alan Cox (alan
LXORGUK.UKUU.ORG.UK)
Fri, 15 Oct 1999 17:51:15 +0100
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Tymm Twillman: "OpenLink 3.2 Advisory"
- Previous message: Dirro, Toralv: "Re: I'm an idiot...."
- Maybe in reply to: Shawn Tagseth: "I'm an idiot...."
> It is NOT a requirement of the PAM framework that application be running as
> root. There are two cases though that make login type applications need to
> run as root.
>
> 1) The password is stored in /etc/shadow which only root can read
> If the password was in NIS/NIS+/LDAP then the authentication
> could succeed are an ordinary user.
This is not correct either. A good PAM implementation supports shadow
authentication (although not update) via setuid helpers
Alan
- Next message: Tymm Twillman: "OpenLink 3.2 Advisory"
- Previous message: Dirro, Toralv: "Re: I'm an idiot...."
- Maybe in reply to: Shawn Tagseth: "I'm an idiot...."
This archive was generated by hypermail 2.0b3 on Fri Oct 15 1999 - 19:54:46 CDT