[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

non setuid root applications are able to do authentication from a'secure' NIS server but why?

Hi out there,
I have a NIS Server serving a Password Database with entries like that:

sithglan:##sithglan:31401:30003:Thomas Glanzmann, CIP Admin:/home/cip/adm/sithglan:/local/login/bin/env-csh

This NIS Server also serves a map named passwd.adjunct.byname to source ports < 1024.

And I have a pam enabled Linux application named xlock. This xlock application
is able to do the password authentication for a user but why? Caches Linux PAM
allready sucessfully authenticated passwords? Or is there another mechanism?

If I try the same thing under Solaris the PAM enabled xlock application needs an
root sbit to proceed. Has somebody an idea, how I can get Solaris to the same
thing linux does? So that I don't have to put the xlock application setuid root?

Thomas Glanzmann            +49 1212 5 269 38 260
Rathsbergerstrasse 28 D-91054 Erlangen / Burgberg

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []