Re: [Exim] Exim and PAM, again

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: Richard Mayhew
CC: Christi Alice Scarborough, exim-users
Subject: Re: [Exim] Exim and PAM, again
splash@??? said:
> As far as I can see, I don't see why PAM can't read shadow password
> files as it runs as root as far as I understand it. I am Running RH
> 6.2.


PAM is a dynamically loaded set of libraries. It runs as the UID of
the invoking process - other than a few special cases such as a setuid
helper for the pwdb module (which reads shadow, but refuses to return
data other than for the UID it is invoked by). This is a place where
Unix could do with authenticated subsystems such as in the late
lamented Apollo Domain/OS

    Nigel.
-- 
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]