[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: A newbie question

From: Thorsten Kukuk <kukuk suse de>
To: pam-list redhat com
Subject: Re: A newbie question
Date: Wed, 25 Jul 2007 11:54:34 +0200

On Wed, Jul 25, Nicolas Tse wrote:

> Hi everyone,
> 
> I wonder how the PAM module used in login can prevent
> the modification from the hostile user(someone may
> modify all the return values of the PAM module to
> PAM_SUCCESS to cheat the system).

Only root can modify PAM modules in /lib/security. If this
hostile user has write rights for /lib/security, you have
a real problem which has nothing to do with PAM.
If you has not, he cannot modify the return values of a 
module.

  Thorsten

-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)

References:
- A newbie question
  - From: Nicolas Tse

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]