Re: Login PAM interaction suspect

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Thu, Nov 17, David Mitton wrote:

> Which was the first thing I saw login do wrong.  It calls pam_open_session 
> before pam_setcred.  I'm waiting for someone to explain that.

As I think somebody wrote already here: it's a bug in login where
I did send already a patch upstream.

> The scope of what it means to set credentials is obscure here.
> Since typically credentials are username and password and they are either 
> stored in a local file or a remote server.

No, this are not credentials. This is the authentication stuff.
Credentials tells the system what you are allowed to do and what not.

> The UID and GID are not credentials in the typical authentication sense.

They are credentials in a typical UNIX system, but you are right
that they are not for authentication. But they tell the system later
what you are allowed to do and what not.


Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)

Pam-list mailing list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux