[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PATCHES: more from Debian against 0.72



On 14/12/99 Ben Collins wrote:

009_modules_pam_wheel: By default this module uses getlogin(), which
according to the docs I've read (and experience) is not the best idea.
However, the module does have a use_uid option that makes it use getuid().
I've changed the module to use getuid() by default, and still accept the
use_uid option but ignore it (for compatibility). This patch also updates
the documentation for pam_wheel to reflect this.


this has the side affect of allowing untrusted (non wheel) users to su to a wheel account and then su to root. maybe i am being overly paranoid :) but is there any safe way to prevent that?

Ethan



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []