[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_mkhomdir fix(ldap, su problem)

On Sun, Jul 06, 2003 at 08:35:38PM -0800, Ethan Benson wrote:
> On Sun, Jul 06, 2003 at 05:54:58PM -0500, Steve Langasek wrote:

> > Convince the OpenSSH maintainers that the current behavior is incorrect,
> > and get them to change it.

> who says its incorrect?  not the pam docs.  pam_session running as
> root has always been an assumption.

I say it's incorrect; because if it's not incorrect, it's nevertheless
all but useless.

pam_mkhomedir: create user homedir upon session start.  Requires
write-access to a directory that /should/ be root-only writeable.

pam_radius: logs connection information to a RADIUS accounting server.
Requires access to the RADIUS shared secret.  Root-only.

pam_console: grant locally logged-in users access to certain devices.
Requires root access to change file permissions.

pam_lastlog: writes to /var/log/lastlog.  Root only.

And strangely, I can't find such a module at the moment; but another
obvious application for open/close session is utmp/wtmp logging.

So as long as you only care about trivial modules like pam_mail and
pam_env, sure; running pam_session without privileges works just fine.

> its less convenient, but also much safer, always a tradeoff.

So don't run untrusted PAM modules.  This choice should be made by the
administrator, not by the programmer.

Steve Langasek
postmodern programmer

Attachment: pgp00007.pgp
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]