[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Patch to pam_rootok to check for superuser by name



On 29-Feb-00 Matthew Kirkwood wrote:
>On Tue, 29 Feb 2000, Karl O. Pinc wrote:
>
>> This is the crux of the matter; having to have an empty file lying
>> about (/etc/emptyfile, or /etc/pam.d/emptyfile, or whatever) is just
>> plain butt-ugly, and subject to confusion and general breakage.  I'm
>> looking for a way to get rid of it.  (Ways that don't involve having
>> files laying about with just the word "root" in them.)  Do you know of
>> any way around such uglyness?
>
>file=/dev/null
>
>?

That was my first thought, but there's security checks in pam_listfile that
don't allow the file to be a) anything but a regular file, or b) world writable.

Hence my talk of writing a patch to add the arguments "special" and "writable"
to pam_listfile.

Karl <kop@meme.com>



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []