Re: PAM use by non root applications

To: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
Subject: Re: PAM use by non root applications
From: Derrick 'dman' Hudson <dman@dman.ddts.net>
Date: Fri, 6 Sep 2002 11:23:44 -0400
Message-id: <[🔎] 20020906152344.GB15970@dman.ddts.net>
Mail-followup-to: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
In-reply-to: <[🔎] 3D765220.1060307@hanaden.com>
References: <[🔎] 3D765220.1060307@hanaden.com>

On Wed, Sep 04, 2002 at 01:34:08PM -0500, Hanasaki JiJi wrote:
| Does Woody allow non-root id applications to to PAM auth?

Yes.  No.  It depends.  Which PAM module are you trying to use?  You
can't use pam_unix *if* you use shadow passwords *and* the non-root
user does not have permission to read /etc/shadow.  I hope this makes
it clear that the issue isn't PAM at all, but rather what the module
tries to do.  pam_unix tries to read /etc/shadow and can only do so if
it has filesystem-level permission.  Other pam modules don't read that
file and aren't bound by that restriction.

-D

-- 
Religion that God our Father accepts as pure and faultless is this: to
look after orphans and widows in their distress and to keep oneself from
being polluted by the world.
        James 1:27
 
http://dman.ddts.net/~dman/

Attachment: pgpg9PrCxuJ3S.pgp
Description: PGP signature

Reply to:

References:
- PAM use by non root applications
  - From: Hanasaki JiJi <hanasaki@hanaden.com>

Prev by Date: Re: postfix bouncing
Next by Date: Modules - unstable? -newbie
Previous by thread: PAM use by non root applications
Next by thread: PAM use by non root applications
Index(es):
- Date
- Thread