On Sun, Jul 21, 2002 at 02:47:38PM -0400, Elliot Lee wrote: > > Avery> Why would redhat make ksu (at least in the 7.2 distro) > > Avery> _not_ setuid root? kinda pointless for root to be the only > > Avery> user who can ksu. > > The "right" solution would probably be to have a PAM module that su uses > to check ~targetuser/.k5users, similar to the PAM module that does > ~targetuser/.rhosts checking for rlogin/rsh. > > Just in case someone is bored enough to write code ;-)
See <URL:http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libpam/modules/pam_ksu/>. It is probably tightly coupled with FreeBSD's PAM and SU implementations. Cheers, -- Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos [EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED] ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
