[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM and shadow

Wichert Akkerman wrote:
> Previously Andrew Morgan wrote:
> > use pam_pwdb (which uses a little helper binary to check the user's own
> > password).  This is how Redhat's xlock is not setuid root and yet works
> > with shadow passwords.
> I was fearing you would say this... using a separate helper binary is
> bad, since it makes it much easier for someone to use brute-force trying
> passwords using that binary..

This binary only works for the user with uid==getuid().  In other words,
a user could use this binary to brute-force search for his own password
but no one else's. Relative to making xlock setuid-root, this was viewed
as a small risk.

> I'm still curious why pam_start() doesn't allow a PAM module to
> initialize itself, since that would solve this problem cleanly without
> needing an externaly program, and might solve future problems as well.

Could you elaborate?


