On Wed, 2007-12-19 at 11:16 -0500, Nalin Dahyabhai wrote:
> I recommend against using PAM as a place to be launching arbitrary
> processes.  The environment in which a module runs is just way too
> underspecified to be dependable for doing that.
>
> Environment, privilege level, signal handling, none of it's guaranteed
> by the specification [1].  If you fork a process (from a module, which
> is loaded by a shared library, with the calling application having no
> idea of what to expect), you have to be _very_ careful about how you do
> it, and how you handle its termination, and how all of that interacts
> with what the calling application's already doing.

Exactly.

> Even for the modules which are careful about this, we still run into
> bugs.  And many modules aren't careful.

True. Although it doesn't mean that a module cannot be written safely
and carefully.

> Sure, maybe we need something that'll serve the function of launching
> random stuff for you when you log in, but I don't think that PAM is it.

As I said in the other mail, PAM might be it if you really need root
access, but otherwise I agree.

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb