[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Question concerning PAM modules and root ...



On Fri, 29 May 1998, Dave Airlie wrote:

> 
> yeah that would basically be about right ... I don't see this as a major
> problem as I would trust the people in charge of my NT server.. I suppose
> I could add something to the pam_smb.conf file in the next release a deny
> users or something

david, i wouldn't recommend that: it sounds more like a job for either a
separate pam module, denying users based on where they are from, or it
sounds like a job for the server.

if it's a samba server you're verifying against, this is easy.

luke


> .. but having a large conf file will slow the thing
> down to a very low rate ... what I may do is try and use some daemon code
> to do the authentication ... this has been planned for a while now ..
> 
> Dave.
> 
> On Thu, 28 May 1998, The Hermit Hacker wrote:
> 
> > 
> > Hi...
> > 
> >       I was just looking at the pam_smb_auth module, and one thing
> > bothers me...unless I'm reading the code wrong, *if* someone creates a
> > user root, with a passwd, on the NT server, and logs into the machine
> with
> > root/<passwd on NT server>, they can get root access to the server?
> > 
> >       Or am I missing something?
> > 
> > 
> > 
> > 
> 
> 
> 
> ------------ David Airlie, David.Airlie@ul.ie,airlied@skynet --------
> Telecommunications Research Centre, ECE Dept, University of Limerick \
> http://www.csn.ul.ie/~airlied   -- Computer Engineering Postgrad      \
> --- TEL: +353-61-202695 -----------------------------------------------
> 
> -- 
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null
> 
> 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []