Bugtraq mailing list archives
Re: PAM applications running as root (Was Re: WebTrends Enterprise
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Fri, 15 Oct 1999 17:51:15 +0100
It is NOT a requirement of the PAM framework that application be running as root. There are two cases though that make login type applications need to run as root. 1) The password is stored in /etc/shadow which only root can read If the password was in NIS/NIS+/LDAP then the authentication could succeed are an ordinary user.
This is not correct either. A good PAM implementation supports shadow authentication (although not update) via setuid helpers Alan
Current thread:
- PAM applications running as root (Was Re: WebTrends Enterprise Reporting Server) Darren Moffat (Oct 14)
- Re: PAM applications running as root (Was Re: WebTrends Enterprise Alan Cox (Oct 15)
- OpenLink 3.2 Advisory Tymm Twillman (Oct 15)
- execve bug linux-2.2.12 ben () VALINUX COM (Oct 15)
- Netscape 4.x buffer overflow Michael Breuer (Oct 15)
- Netscape 4.x buffer overflow Max Vision (Oct 18)
- Re: execve bug linux-2.2.12 Perly (Oct 15)
- Re: execve bug linux-2.2.12 visi0n (Oct 15)
- Re: execve bug linux-2.2.12 Alan Cox (Oct 16)
- Re: execve bug linux-2.2.12 ben () VALINUX COM (Oct 16)
- Re: execve bug linux-2.2.12 Matt Chapman (Oct 18)
- Re: execve bug linux-2.2.12 Taneli Huuskonen (Oct 19)
- Netscape 4.x buffer overflow Michael Breuer (Oct 15)