On Wed, Jul 25, Nicolas Tse wrote: > Hi everyone, > > I wonder how the PAM module used in login can prevent > the modification from the hostile user(someone may > modify all the return values of the PAM module to > PAM_SUCCESS to cheat the system). Only root can modify PAM modules in /lib/security. If this hostile user has write rights for /lib/security, you have a real problem which has nothing to do with PAM. If you has not, he cannot modify the return values of a module. Thorsten -- Thorsten Kukuk, Project Manager/Release Manager SLES SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg GF: Markus Rex, HRB 16746 (AG Nuernberg) _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
