[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: userid and groups questions



Stephen Langasek writes:
>Any module could call one of the setuid(), setreuid() family of functions at
>any time.  In most cases this would be irresponsible, but it /could/ happen,
>and there's not much anyone can do to prevent it (except to stop using the
>module).

Examples of reasons to do this are when a pam module needs to fork/exec
other programs as the user.  For example, the pam_xauth module that I
wrote needs to temporarily assume the ids of two different users in the
course of its execution...

michaelkjohnson

"Magazines all too frequently lead to books and should be regarded by the
 prudent as the heavy petting of literature."            -- Fran Lebowitz
 Linux Application Development     http://people.redhat.com/johnsonm/lad/



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []