[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: API differences between Heimdal and MIT
On Fri, Feb 03, 2006 at 01:19:29PM +0200, Juha Jäykkä wrote:
> Back to the matter of .k5login. I do not have an unreadable .k5login. It's
> not even empty. It just happens to reside on a filesystem, where root is
> not allowed to access it.
Then I'd suggest that the bug is in the PAM module: it should drop root
privileges before calling krb5_userok(), and regain the privileges
afterward. Maybe it should be documented in the krb5_userok() man page
that it requires filesystem access and therefore it should be called
with the privileges of the intended user. I think the current Heimdal
behavior is desirable; if .k5login is unreadable for _any_ reason then
there is a problem somewhere and the system should fail to the safe side
by blocking such an user.
Gabor
--
---------------------------------------------------------
MTA SZTAKI Computer and Automation Research Institute
Hungarian Academy of Sciences
---------------------------------------------------------