[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: A newbie question



On Wed, 25 Jul 2007, Nicolas Tse wrote:

> Hi everyone,
> 
> I wonder how the PAM module used in login can prevent
> the modification from the hostile user(someone may
> modify all the return values of the PAM module to
> PAM_SUCCESS to cheat the system).
> 
Login being run under ordinary user can't authenticate another one since on
most systems its binary is not SUID root. But even if it was such, LD_PRELOAD 
environment variable is ignored for SUID binaries on most (normal) systems.
-- 

    Sincerely Your, Dan.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]