PAM bug in ckpasswd?
rra at stanford.edu
Mon Mar 2 19:18:14 UTC 2009
Martin Tessarek <mt at nef.wh.uni-dortmund.de> writes:
> I think I came across a bug in ckpasswd regarding PAM. ckpasswd can't
> check the user auth via PAM if not run by the user in question or
> root... When nnrpd is run as user news (uid 9 on debian), the user auth
> fails if ckpasswd has no read access to shadow...
How this works depends on the PAM configuration of your local system.
With Debian, for example, there is a setgid helper program provided by
pam_unix named unix_chkpwd that's used to do the password checks.
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the inn-bugs