Dropping privs by PAM modules.
s_n
jusnet at vp.pl
Mon Dec 11 18:34:14 UTC 2006
Hi,
I'm just wondering about dropping privilages by pam modules, does it
make sense to you anyway? How to consider such behaviour, improved
security or is it just security by obscurity? Anyway, imagine badly
coded module, which can be circumvented by an attacker and used to
launch his own code. Will dropping privs mitigate the possible loses
coused by such malicious code? What are you thinking about it?
Sincerly,
Filip (s_n) Palian.
:wq!
More information about the Pam-list
mailing list