Loosening file checks--a good idea?

On Sat, May 18, 2002 at 09:26:30PM -0400, Sam Hartman wrote:
> 
> One area in which Debian's PAM differs from the CVS mainline is that
> we have applied a few patches to loosen file checks.  In particular,
> for pam_rhosts, we allow .rhosts to be a symlink; similarly we allow
> the file for pam_listfile to be a symlink.
> 
> It's my opinion that Debian actually shouldn't have done this as a
> local change; too gratuitous of a difference.  So I'm asking what
> people think about allowing symlinks in the upstream sources.

My recommendation would be to control the behaviour based on a
module argument in the pam.conf/pam.d entry.  I'd also make the
default be to not follow symlinks, since it could potentially cause a
security exposure (even in the pam_listfile case), so it should be one
of those things that the user should have to explicitly ask for in the
pam configuration file.

						- Ted
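As an added illustration of the approach Ted describes (this is example code, not from Linux-PAM, Debian's patches, or anyone in the thread): a module-argument toggle, given the hypothetical name `follow_symlinks`, whose default refuses symlinks by opening the list file with O_NOFOLLOW. It assumes a Linux/POSIX system; note that O_NOFOLLOW only guards the final path component, and the fixture in `self_check` is constructed for demonstration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Scan the module arguments from the pam.d entry; "follow_symlinks" is a hypothetical option name. */
static int parse_follow_symlinks(int argc, const char **argv) {
    int follow = 0;                              /* default: do not follow symlinks */
    for (int i = 0; i < argc; i++)
        if (strcmp(argv[i], "follow_symlinks") == 0) follow = 1;
    return follow;
}

/* Open a list/.rhosts-style file read-only. With follow == 0, O_NOFOLLOW makes
 * the kernel fail the open with ELOOP when the final path component is a
 * symlink (earlier components are still followed). Returns an fd or -errno;
 * anything other than a regular file is rejected in either mode. */
static int open_list_file(const char *path, int follow) {
    int flags = O_RDONLY | O_CLOEXEC | (follow ? 0 : O_NOFOLLOW);
    int fd = open(path, flags);
    if (fd < 0) return -errno;
    struct stat st;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -EINVAL;
    }
    return fd;
}

/* Constructed fixture: a regular file plus a symlink to it in a temp dir.
 * Returns 1 when the default mode rejects the symlink (ELOOP) but opens the
 * real file, and the explicit opt-in mode accepts the symlink. */
static int self_check(void) {
    char dir[] = "/tmp/listfile-XXXXXX", real[64], link[64];
    if (!mkdtemp(dir)) return 0;
    snprintf(real, sizeof real, "%s/users", dir);
    snprintf(link, sizeof link, "%s/users.lnk", dir);
    int fd = open(real, O_WRONLY | O_CREAT, 0600);
    if (fd < 0 || symlink(real, link) < 0) return 0;
    close(fd);
    int strict = open_list_file(link, 0), direct = open_list_file(real, 0);
    int lax = open_list_file(link, 1);
    int ok = strict == -ELOOP && direct >= 0 && lax >= 0;
    if (direct >= 0) close(direct);
    if (lax >= 0) close(lax);
    unlink(link); unlink(real); rmdir(dir);
    return ok;
}
```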
