|
From: | Ognyan Kulev |
Subject: | Re: the watchdog of login program |
Date: | Sat, 28 Aug 2004 10:24:15 +0300 |
User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040413 Debian/1.6-5 |
Roland McGrath wrote:
auth_makeauth will fail when the caller is authenticated as nonroot.
You mean auth_makeauth inside ugids_verify_make_auth, right? Without being root, login makes ids of new user.
Isn't it right that password_check_{user,group}, used as default verify_fn function in ugids_verify_make_auth, get the needed authentication handles without login being root? The sequence is:
1. ugids_verify uses verify_fn to check passwords. The authentications are accumulated in svma_state.auths. 2. auth_makeauths is called with the same svma_state.auths, and that's why it succeeds.
Regards, ogi
[Prev in Thread] | Current Thread | [Next in Thread] |