Re: [Exim] Exim and PAM, again

Góra strony
Delete this message
Reply to this message
Autor: Nigel Metheringham
Data:  
Dla: Richard Mayhew
CC: Christi Alice Scarborough, exim-users
Temat: Re: [Exim] Exim and PAM, again
splash@??? said:
> As far as I can see, I don't see why PAM can't read shadow password
> files as it runs as root as far as I understand it. I am Running RH
> 6.2.


PAM is a dynamically loaded set of libraries. It runs as the UID of
the invoking process - other than a few special cases such as a setuid
helper for the pwdb module (which reads shadow, but refuses to return
data other than for the UID it is invoked by). This is a place where
Unix could do with authenticated subsystems such as in the late
lamented Apollo Domain/OS

    Nigel.
-- 
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]