16 Nov 2011 22:43
Re: Login PAM interaction suspect
David Mitton <david <at> mitton.com>
2011-11-16 21:43:15 GMT
2011-11-16 21:43:15 GMT
Quoting Nicolas François <nekral.lists <at> gmail.com>: > Hello, > > On Wed, Nov 16, 2011 at 10:38:55AM -0500, David Mitton wrote: >> >> This was discussed in some other forum (which I lost my breadcrumbs to). >> It's moot to me, as I currently don't plan on changing that value. >> But login should not assume that getpwnam(PAM_USER) will work until >> committed with a setcred. > > OK. I see your point and getpwnam() should be delayed as much as possible. > > However, login is required to setuid(<UID>) / setgid(<GID>) before > setcred, and <UID> or <GID> can only be found using getpwnam(PAM_USER). Why would that be? and where is it written? Thanks > > Best Regards, > -- > Nekral > > _______________________________________________ > Pam-list mailing list > Pam-list <at> redhat.com > https://www.redhat.com/mailman/listinfo/pam-list >
RSS Feed