[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: A newbie question

From: Dan Yefimov <dan ns15 lightwave net ru>
To: Pluggable Authentication Modules <pam-list redhat com>
Cc: Nicolas Tse <nictseg yahoo com>
Subject: Re: A newbie question
Date: Wed, 25 Jul 2007 17:08:04 +0400 (MSD)

On Wed, 25 Jul 2007, Nicolas Tse wrote:

> Hi everyone,
> 
> I wonder how the PAM module used in login can prevent
> the modification from the hostile user(someone may
> modify all the return values of the PAM module to
> PAM_SUCCESS to cheat the system).
> 
Login being run under ordinary user can't authenticate another one since on
most systems its binary is not SUID root. But even if it was such, LD_PRELOAD 
environment variable is ignored for SUID binaries on most (normal) systems.
-- 

    Sincerely Your, Dan.

References:
- A newbie question
  - From: Nicolas Tse

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]