[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Open Xlock as root



On Fri, 3 Dec 1999, Scott Nelson wrote:

> Then, how about this:

> xlock auth sufficient /lib/security/pam_pwdb shadow
> xlock auth required   /lib/security/pam_asuser root /lib/security/pam_pwdb shadow

That would be a possibility, but realistically, how many different modules
are there going to be which need to be run as a different user?  The
solution you describe above would require the pam_asuser module to spawn
an suid helper binary which invokes the second module itself, and this
strikes me as rather messy.

So, how many modules are you (or anyone else) going to need to run as a
different user?  And how many programs are there which will need to use
this functionality?  Chances are, there's a simpler solution out there.

-Steve Langasek
postmodern programmer



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []