[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam-aware



sethlist@schutz.psy.aau.dk said:
} 1.  Is there a test (program) for determining whether a program is
}     pam-aware.  (I realize that one can read the docs, or look
}     in the source code, or possibly use the /etc/pam.d/other and
}     log to a file...but I was curious if there exists a way to
}     examine a binary for its "pam-awareness"? 

First cut test, if its dynamically linked, it should be linked against 
libpam, for example:-

nellie{nigel}104> ldd /usr/sbin/in.ftpd
        libpam.so.0 => /lib/libpam.so.0.57
        libdl.so.1 => /lib/libdl.so.1.7.14
        libc.so.5 => /lib/libc.so.5.3.12

If its statically linked you could nm it to look for pam functions, but if 
its stripped this cannot be done.
 
If you strace the program you should see it dynamically load the 
appropriate pam modules as it initialises, for example from passwd (really 
relevant lines *'d):-

# Check, open and read pam config file
 stat("/etc/pam.d", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
 open(0x8049ef8, O_RDONLY)               = 3
 fstat(3, {st_mode=S_IFREG|0644, st_size=242, ...}) = 0
 mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x40007000
 read(3, "#%PAM-1.0\nauth       required\t"..., 4096) = 242
 ...
# Open and load dynamic pam modules
*open("/lib/security/pam_pwdb.so", O_RDONLY) = 4
 ...
 close(4)                                = 0
*open("/lib/security/pam_cracklib.so", O_RDONLY) = 4
 ...
 close(4)                                = 0
# do setup of pam modules
 stat("/usr/lib/cracklib_dict.pwd", {st_mode=S_IFREG|0644, st_size=214266, 
...}) = 0
 open("/etc/pwdb.conf", O_RDONLY)        = 3
 ...

However stracing these things can be a problem - sometimes they behave 
differently as root, but you must run them as root since they are 
typically setuid....

	Nigel.


-- 
[ Nigel.Metheringham@theplanet.net   -  Systems Software Engineer ]
[ Tel : +44 113 251 6012                   Fax : +44 113 234 6065 ]
[      Real life is but a pale imitation of a Dilbert strip       ]




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []