[prev in list] [next in list] [prev in thread] [next in thread]
List: openssh-unix-dev
Subject: Re: [Bug 789] pam_setcred() not being called as root
From: des () des ! no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=)
Date: 2004-01-25 13:19:19
Message-ID: xzpwu7gp3mw.fsf () dwp ! des ! no
[Download RAW message or body]
bugzilla-daemon@mindrot.org writes:
> I can't find any reference to PAM modules being guaranteed to run as root in
> either the Open Group PAM RFC [1] or the Linux PAM documentation [2], so an
> alternative viewpoint could be that pam_group is making unwarranted assumptions
> about its environment, doing unnecessary things and failing because of it :-)
There is an underlying assumption in PAM that it runs with arbitrator
privileges. In Unix and Unix-like systems, this means root. It makes
no sense to call pam_setcred() when you do not have the authority to
grant said credentials.
DES
--
Dag-Erling Smørgrav - des@des.no
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic