Re: gids assigned non-deterministically
On Tue, Oct 10, 2006 at 11:33:43AM +0200, Tim Dijkstra wrote:
> Hmm, pam_group doesn't sound too secure to me... what if on one machine
> gid 110 is www-data and on another plugdev. Then if a user logs in on the second
> machine it will get access to gid 110, make some suid executable, which on
> another machine ...
This can't happen. Groups are _not_ transferred over remote login. New
files are owned by the user's primary group, and _not_ by the
supplemental groups (and I really hope you do not want to use 'plugdev'
etc. as the primary group for any real user...)
Even newgrp does not work with groups granted by pam_group (more
precisely, newgrp asks for the group's password, but system groups
should always be locked). So I see no way to transfer a locally granted
group to another machine.
On the other hand, it is true that you should never create files owned
by local uids/gids on shared storage.
Gabor
--
---------------------------------------------------------
MTA SZTAKI Computer and Automation Research Institute
Hungarian Academy of Sciences
---------------------------------------------------------
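As an added example (not part of Gabor's message or of this thread), a POSIX shell check of the point made above: a file the caller creates is owned by the caller's primary gid, not by a supplemental group, and the one place where that does not hold is a directory with the setgid bit, where new files inherit the directory's group instead; that is how a local gid can end up on shared storage. The function names `gid_of`, `new_file_gid`, `check_dir` and `is_supplemental` are chosen here and are not from any tool discussed on the list.

```shell
#!/bin/sh
# Added example, not code from the thread. Checks which gid a newly
# created file receives and whether that gid is one the caller only
# holds as a supplemental group (e.g. one granted locally by pam_group).

# Numeric gid of a path; ls -ldn works on both GNU and BSD userland.
gid_of() {
    ls -ldn "$1" | awk '{print $4}'
}

# Create a temporary file in directory $1, print its owning gid, remove it.
new_file_gid() {
    f=$(mktemp "$1/gidcheck.XXXXXX") || return 1
    gid_of "$f"
    rm -f "$f"
}

# Print "primary" when a new file in $1 gets the caller's primary gid
# (the normal case Gabor describes), or "inherited:<gid>" when the
# directory forces another group on new files (setgid directory).
check_dir() {
    dir=$1
    got=$(new_file_gid "$dir") || return 1
    if [ "$got" = "$(id -g)" ]; then
        echo primary
    else
        echo "inherited:$got"
    fi
}

# Return 0 when gid $1 is one of the caller's supplemental groups,
# i.e. appears in id -G but is not the primary gid from id -g.
is_supplemental() {
    for g in $(id -G); do
        if [ "$g" = "$1" ] && [ "$g" != "$(id -g)" ]; then
            return 0
        fi
    done
    return 1
}

# Stand-alone run: report on the directory given as $1 (default: cwd).
if [ -n "$1" ] || [ "${0##*/}" = "gidcheck.sh" ]; then
    echo "new files in ${1:-.}: $(check_dir "${1:-.}")"
fi
```

Run it against a shared directory while logged in with a pam_group-granted group: "primary" confirms the claim in the message, while "inherited:<gid>" with `is_supplemental <gid>` succeeding points at a setgid directory that would stamp a local gid onto shared files.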