Yes, this is the limitation that is compiled into the linux pam
implementation.. BUT, this normally isn't a issue since 'su' is run as
root.. login as root... almost all utilities that do authentication run as
root. The reason behind this is they wish to make it MUCH harder for user
level processes to do brute force attacks on passwords.
This is why I created a external program which is suid to root which does
nothing but call the PAM libraries. This got around the fact that exim
calls setuid and setgid before accepting email.
--josh
----- Original Message -----
From: "Derek Simkowiak" <dereks@???>
To: "Josh Siegel" <joshs@???>
Cc: "Artem S. Tashkinov" <birdie@???>; <exim-users@???>
Sent: Friday, January 24, 2003 11:19 AM
Subject: Re: [Exim] PLAIN authentification isn't working
> > exim resets its own userid which prevents PAM from working.
>
> What do you mean by "exim resets its own userid"? Are you
> referring to the fact that it does a setuid() and setgid() before
> accepting incoming mail?
>
> Does this mean that all PAM clients must be suid as root? That
> seems like a rather silly limitation.
>
>
> Thanks,
> Derek
>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at
http://www.exim.org/ ##
>
>