Re: pam_mkhomedir fix (ldap, su problem)

On Mon, Jul 07, 2003 at 12:04:33AM +0200, Troels Liebe Bentsen wrote:
> On Sun, 2003-07-06 at 23:35, Ethan Benson wrote:
> > On Sun, Jul 06, 2003 at 09:25:15PM +0200, Troels Liebe Bentsen wrote:
> > > 3. pam_mkhomedir is called, the effective uid is still root, and the
> > >    real uid is now the one of the user we su'ed to (e.g. test). But since
> > >    we on Linux have fsuid/fsgid and this is used for filesystem access,
> > >    this makes it impossible for us to create a directory under /home
> > >    because it is owned by root and set to 750.
> 
> Sorry, it was supposed to be 755 (was wrong in mail, correct on filesystem).
> >                                         ^^^^^
> 
> > there is no security threat from /home being world readable anyway,
> > users should set perms on their home directory to reflect the level of
> > privacy they desire.
> You are quite correct on all points and I do agree with them.
> 
> But world-writable would not be a good idea as required by the current

i said world readable not world writable.

> code. fsuid/fsgid is still set to the user we are su'ing to. And to make
> it possible to create a home directory, would require world writable
> permissions on home.

i really think this is a configuration problem, a great many people
have used this module without problems.

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
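
The question the thread turns on is which uid the kernel uses when the module calls mkdir under /home. The following is an added example, not code from this thread or from pam_mkhomedir: it parses the "Uid:" line of /proc/<pid>/status (real, effective, saved, filesystem) and applies the plain mode-bit rule for creating an entry in a directory. The sample status text, uid 1000 and the function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* The four UIDs on the "Uid:" line of /proc/<pid>/status, in kernel order. */
struct uids { unsigned real, effective, saved, fs; };

/* Constructed sample (not captured from a real system): the state the
 * quoted report describes, real and fs uid 1000, effective uid 0. */
static const char SAMPLE_STATUS[] =
    "Name:\tsu\nState:\tS (sleeping)\n"
    "Uid:\t1000\t0\t0\t1000\nGid:\t1000\t0\t0\t1000\n";

/* Find and parse the "Uid:" line. Returns 0 on success, -1 otherwise. */
int parse_uid_line(const char *status, struct uids *out)
{
    for (const char *p = status; p && *p; ) {
        if (strncmp(p, "Uid:", 4) == 0)
            return sscanf(p + 4, "%u %u %u %u", &out->real, &out->effective,
                          &out->saved, &out->fs) == 4 ? 0 : -1;
        p = strchr(p, '\n');
        if (p) p++;
    }
    return -1;
}

/* Mode-bit check for creating an entry in a directory: the class that
 * fsuid/fsgid falls in needs write (2) and search (1) on the parent.
 * Simplifications (assumptions of this example): fsuid 0 is treated as
 * holding CAP_DAC_OVERRIDE; supplementary groups and ACLs are ignored. */
int can_create_in(unsigned fsuid, unsigned fsgid,
                  unsigned dir_uid, unsigned dir_gid, unsigned mode)
{
    unsigned bits;
    if (fsuid == 0) return 1;
    if (fsuid == dir_uid)      bits = (mode >> 6) & 7;
    else if (fsgid == dir_gid) bits = (mode >> 3) & 7;
    else                       bits = mode & 7;
    return (bits & 3) == 3;
}

int main(void)
{
    struct uids u;
    if (parse_uid_line(SAMPLE_STATUS, &u) != 0) return 1;
    printf("real=%u effective=%u saved=%u fs=%u\n", u.real, u.effective, u.saved, u.fs);
    printf("mkdir in root:root 0755 as fsuid %u: %s\n", u.fs,
           can_create_in(u.fs, 1000, 0, 0, 0755) ? "allowed" : "denied");
    printf("mkdir in root:root 0755 as fsuid 0: %s\n",
           can_create_in(0, 0, 0, 0, 0755) ? "allowed" : "denied");
    return 0;
}
```

To settle the disagreement on a given system, feed parse_uid_line the real /proc/<pid>/status of the process at the point the session module runs and look at the fourth field.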
