On Tue, Mar 19, 2002 at 05:33:13PM +0100, Russell Coker wrote: > On Tue, 19 Mar 2002 03:34, Steve Langasek wrote: > > It's a read lock, isn't it? In which case, does it really matter how > > many bytes it's locking? (Unless, perhaps, requesting a read lock on > If it keeps the read lock for an extended period of time and locks out other > processes then it could allow a local DOS attack. AFAIK, read locks are not exclusive. > > If the question is really "why does it want a read lock at all?", I > > don't think I have an answer for that one. > Getting a read lock on the utmp file before reading it is reasonable. Not > sure why it needs to read it at all though. Must be something in PAM. Probably a 'session .* pam_unix.so' line in the PAM config for this module. Consensus among PAM developers is that utmp is the closest possible definition for a 'unix session', so calling the session management functions of the pam_unix functions writes to utmp. Steve Langasek postmodern programmer
Attachment:
pgpxfovNXy7Cy.pgp
Description: PGP signature