bug-cvs

Re: PAM authentication patch - v2


From: Max Bowsher
Subject: Re: PAM authentication patch - v2
Date: Thu, 17 Apr 2003 19:42:16 +0100

Brian Murphy wrote:
> Despite the dire warnings in the PAM documentation I can't see that
> using program_name is a problem.
> CVS is not installed suid root so it has no special privileges unless
> it is run as root and you need to be
> root to do that. If cvs should ever become a daemon and run suid then
> this could be a problem.
> The service name determines the configuration file that gets used for
> PAM. If you are a local user
> already then even an unrestricted cvs cannot do more than you as a user
> can. And you still cannot change
> what the cvs accessed via pserver is called.
>
> Can anyone else see the problems I'm missing?

No, but is there any functional benefit from ignoring the warnings?

The warnings:
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam_appl-4.html#ss4.2

They are quite emphatic about it.

Since there are valid reasons to run cvs setuid or setgid, is this worth the
risk?

If you do decide it is worth the risk, I'm sure cautious sysadmins would
appreciate a configure option to force hardcoding.


Max.
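
The trade-off discussed in this message, as an added example that is not part of the original post or of the CVS patch: the service name passed to PAM selects the policy file, so a name taken from argv[0] follows whatever name the program was invoked under, while a fixed name does not. The macro `FORCE_HARDCODED_PAM_SERVICE`, the service name "cvs", and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical build-time switch standing in for the configure option
 * suggested in the message above; not an actual CVS configure flag. */
#ifndef FORCE_HARDCODED_PAM_SERVICE
#define FORCE_HARDCODED_PAM_SERVICE 0
#endif
#define PAM_SERVICE_FIXED "cvs"   /* assumed service name */

/* True when the process runs setuid or setgid (real and effective ids differ). */
int running_setid(void) {
    return getuid() != geteuid() || getgid() != getegid();
}

/* program_name-style value: last path component of argv[0], which is
 * chosen by whoever invokes the program, not by the program itself. */
const char *name_from_argv0(const char *argv0) {
    const char *slash = strrchr(argv0, '/');
    return slash ? slash + 1 : argv0;
}

/* Service name that would be handed to pam_start(). The fixed name is used
 * when forced at build time or when the process is privileged. */
const char *pam_service(const char *argv0, int force, int privileged) {
    if (force || privileged)
        return PAM_SERVICE_FIXED;
    return name_from_argv0(argv0);
}

/* Policy file Linux-PAM reads for a service in the /etc/pam.d layout.
 * Returns 0 on success, -1 if the buffer is too small. */
int pam_policy_path(const char *service, char *out, size_t n) {
    int w = snprintf(out, n, "/etc/pam.d/%s", service);
    return (w < 0 || (size_t)w >= n) ? -1 : 0;
}

int main(int argc, char **argv) {
    char path[256];
    const char *svc = pam_service(argc > 0 ? argv[0] : "",
                                  FORCE_HARDCODED_PAM_SERVICE, running_setid());
    if (pam_policy_path(svc, path, sizeof path) == 0)
        printf("service=%s policy=%s\n", svc, path);
    return 0;
}
```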




