On Wed, 25 Jul 2007, Nicolas Tse wrote:
> Hi everyone,
>
> I wonder how the PAM module used in login can prevent
> the modification from the hostile user(someone may
> modify all the return values of the PAM module to
> PAM_SUCCESS to cheat the system).
>
Login being run under ordinary user can't authenticate another one since on
most systems its binary is not SUID root. But even if it was such, LD_PRELOAD
environment variable is ignored for SUID binaries on most (normal) systems.
--
Sincerely Your, Dan.
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
