
Re: userid and groups questions



On Fri, 24 Sep 1999, Mihai Ibanescu wrote:

> I don't think I understand your last statement. What do you mean by
> 'there's not much libpam can do anyway to stop a module from changing the
> uid if that's what the module writer thinks needs to happen'? How can a
> module change a uid, when the module does not have the idea of an UID?

Any module could call one of the setuid(), setreuid() family of functions at
any time.  In most cases this would be irresponsible, but it /could/ happen,
and there's not much anyone can do to prevent it (except to stop using the
module).

Upon reflection, I guess the idea the original poster was getting at was
that the PAM_USER item should be 'read-only' for the modules.  The same
thing applies, IMHO.  If there's a compelling reason to change the PAM_USER,
the module writer should have that option, in which case the module
documentation ought to make this clear.  If the concern is people writing
mischievous modules, then restricting access to PAM_USER isn't going to
prevent that.

-Steve Langasek
postmodern programmer
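[Editor's note, added to this archived message and not part of Steve's reply or of Linux-PAM itself: the point above is that a module runs inside the calling process, so whatever it does with setuid()/seteuid() happens with the application's own privileges and libpam cannot veto it. The small C program below illustrates the one thing the caller can still do: snapshot the process credentials before handing control to a module and compare afterwards, so a credential change is at least detected and, where possible, reversed. The "modules" are plain functions standing in for pam_sm_authenticate() so the program builds without libpam; the names snapshot(), call_module_checked() and the uid 65534 are assumptions of this example.]

```c
/* Added example, not from the original thread or from Linux-PAM.
 * Shows that a module function running in the caller's process can change
 * process credentials, and that the caller can only detect it afterwards.
 * Module functions here are stand-ins for pam_sm_authenticate(); no libpam
 * is required. Build: cc -Wall -o credcheck credcheck.c */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

struct creds {
    uid_t ruid, euid;
    gid_t rgid, egid;
};

/* Record the real and effective ids of the current process. */
static struct creds snapshot(void)
{
    struct creds c;
    c.ruid = getuid();
    c.euid = geteuid();
    c.rgid = getgid();
    c.egid = getegid();
    return c;
}

static int creds_equal(const struct creds *a, const struct creds *b)
{
    return a->ruid == b->ruid && a->euid == b->euid &&
           a->rgid == b->rgid && a->egid == b->egid;
}

/* Put the effective ids back to a saved snapshot. Returns 0 on success.
 * This only works when the real or saved uid still permits it, e.g. when
 * the caller started as root. */
static int restore_creds(const struct creds *c)
{
    if (seteuid(c->euid) != 0)
        return -1;
    if (setegid(c->egid) != 0)
        return -1;
    return 0;
}

/* Shape of a PAM service function, minus the PAM types: 0 means success. */
typedef int (*module_fn)(void);

/* A well-behaved module leaves the process alone. */
static int well_behaved_module(void)
{
    return 0;
}

/* Hypothetical misbehaving module: switches the effective uid to 65534
 * ("nobody" on many systems). This only takes effect when the caller is
 * root; otherwise seteuid() fails with EPERM. Either way the module reports
 * success, as a quiet module would, so the caller learns nothing from rc. */
static int uid_changing_module(void)
{
    (void)seteuid(65534);
    return 0;
}

/* Run one module and compare credentials around the call.
 * Returns 1 if the credentials changed, 0 if they did not and the module
 * succeeded, -1 if they did not change but the module failed. */
static int call_module_checked(module_fn fn, const char *name)
{
    struct creds before = snapshot();
    int rc = fn();
    struct creds after = snapshot();

    if (!creds_equal(&before, &after)) {
        fprintf(stderr, "%s: credentials changed during module call "
                "(euid %u -> %u, egid %u -> %u)\n", name,
                (unsigned)before.euid, (unsigned)after.euid,
                (unsigned)before.egid, (unsigned)after.egid);
        return 1;
    }
    return rc == 0 ? 0 : -1;
}

int main(void)
{
    int good = call_module_checked(well_behaved_module, "well_behaved_module");

    struct creds before = snapshot();
    int bad = call_module_checked(uid_changing_module, "uid_changing_module");
    if (bad == 1 && restore_creds(&before) != 0)
        fprintf(stderr, "could not restore credentials\n");

    printf("well-behaved: %d, uid-changing: %d (run as root to see the change)\n",
           good, bad);
    return 0;
}
```

Run unprivileged, the uid-changing stand-in fails silently and both calls report 0; run as root, the second call reports 1 and the program puts the effective uid back. That is the whole extent of what a caller can do: notice, not prevent, which is the same conclusion the message reaches for PAM_USER.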


