OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: Pam_mkhomedir

From: Michael Chang (mirandaion.uranus.com)
Date: Tue Jul 22 2003 - 13:15:38 CDT

Although, one could probably hack pam_mkhomedir to send a message to a
UNIX socket, where the other end of the socket is a daemon, running as
root, which queues requests for making home directories. After the
proper checks have been performed, the daemon creates the home
directory for the user and -- voila. It would only take a second (if
that) to process the request. You'd have to be really security-conscious
with regard to the implementation, but it could be done without too much work.

Michael

On 22 Jul 2003, Troels Liebe Bentsen wrote:

|> Nope, not without fixing allot of programs that one could say implement
|> pam wrong. The problem is the some pam programs like openssh and new
|> version of su on Linux drop privileges to early.
|>
|>
|> Regards Troels.
|> On Tue, 2003-07-22 at 15:24, Gilles Cordier wrote:
|> > Hi all,
|> >
|> > I have a big problems with mkhomeddir module.
|> > I must set write rigth to the home directory to make pam_mkhomedir
|> > working.
|> > Is there a way to avoid this??
|> >
|> > Thanks
|> >
|> > Gilles
|>
|>
|> _______________________________________________
|> Pam-list mailing list
|> Pam-listredhat.com
|> https://www.redhat.com/mailman/listinfo/pam-list
|>

--
/* BEGIN SIG
*
* "Afraid of change, afraid of staying the same,
* when temptation calls, we just look away."
* - Barenaked Ladies
*
* "He started writing in mirror writing, 'Help! I'm
* trapped behind the world.'"
* - New York State Journal of Medicine
*
*-----------------------------
* Michael Chang
* mirandauranus.com
* http://www.syndetic.org/
*/

_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://www.redhat.com/mailman/listinfo/pam-list