-----BEGIN PGP SIGNED MESSAGE----- In article <[EMAIL PROTECTED]>, Elliot Lee <[EMAIL PROTECTED]> wrote: >> Avery> Why would redhat make ksu (at least in the 7.2 distro) >> Avery> _not_ setuid root? kinda pointless for root to be the only >> Avery> user who can ksu. > >The "right" solution would probably be to have a PAM module that su uses >to check ~targetuser/.k5users, similar to the PAM module that does >~targetuser/.rhosts checking for rlogin/rsh. >
- - ksu does a lot more than su, you can use it as replacement for sudo if you are sufficiently motivated. I'm not sure PAM is sufficiently flexible enough to support these added features. ( Basically, you need to pass argc,argv down to the pam routine. ) - - Booker C. Bense -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBPTwXjgD83u1ILnWNAQG3RAQAuN7tV+V62gPW6c5FSxpSG9kT7ji1jEe5 5Z1f1luCK7b7VrcgMNRXuthCBjRy1f+Wr+UqReatnk6Tyvw5inLis8bhJzySzFIC L0qrs7yu8UoQoUhIhrHPBKDntmsxEDtwVp+Mv64W2SvEE5hrnUHt6KlkzvmXBe9O cJldQh++YFM= =p4uU -----END PGP SIGNATURE----- -- ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
