
Re: Open Xlock as root



On Fri, 3 Dec 1999, Ethan Benson wrote:

> The Debian solution is the fastest way of working around this problem 
> and since it is only required for 1) special case programs like xlock 
> that need to verify the root password and 2) non PAM compliant apps 
> that do not do any passwd file maintenance.

> the only other solution I can think of is to create either a new PAM 
> module/helper program that will verify the calling user's password 
> and the root password.  this module could be used only for programs 
> that require it such as the *locks

> modifying the main pam_unix and pam_pwdb helpers to always check 
> root's password would not be a good solution since it would almost 
> effectively unshadow the root password.

> I am interested in hearing the opinions of the pam folks, is it 
> better to just use the shadow group for these special case utilities 
> or would a pam based solution be better?

Joining the discussion a little late here, but I think sgid shadow
binaries are only marginally better than suid root binaries.  Exploits are
constantly being found in all manner of X libraries, which means it's a
risk to run many X programs with special permissions; and anyone who can
exploit an suid root binary to gain illicit access could exploit an sgid
shadow binary almost as easily.

s[ug]id helper binaries in PAM are a far /safer/ solution.  I guess
whether they're a /better/ solution depends on just how many of these
helper binaries we end up needing to maintain.

-Steve Langasek
postmodern programmer


