On Wed, 2003-11-12 at 23:41, Hongli Lai wrote: > Andrew Sobala wrote: > > >What's the use cases for su-in-the-desktop? I would have thought that > >the big one would be a nautilus (or gnome-vfs) subprocess grabbing > >superuser rights to edit system files then dropping them again later. > > > > As far as I know you can't fork() and then give the subprocess root > privileges. All PAM apps are setuid roots, and lower their priviledges, > not raise them. > All authentication systems call a setuid root executable to verify the > password, then that executable lowers priviledge and exec() an executable. Right, so can we do it that way? My point was that can the authentication be controlled with PAM. I may be missing something. -- Andrew Sobala <as583 cam ac uk> Given by our hand in the meadow that is called Runnymede, between Windsor and Staines, on the fifteenth day of June in the seventeenth year of our reign.
Attachment:
signature.asc
Description: This is a digitally signed message part