A newbie question
Dan Yefimov
dan at ns15.lightwave.net.ru
Wed Jul 25 13:08:04 UTC 2007
On Wed, 25 Jul 2007, Nicolas Tse wrote:
> Hi everyone,
>
> I wonder how the PAM module used in login can prevent
> the modification from the hostile user(someone may
> modify all the return values of the PAM module to
> PAM_SUCCESS to cheat the system).
>
Login being run under ordinary user can't authenticate another one since on
most systems its binary is not SUID root. But even if it was such, LD_PRELOAD
environment variable is ignored for SUID binaries on most (normal) systems.
--
Sincerely Your, Dan.
More information about the Pam-list
mailing list