In message <200301212040.h0LKeVnR001992@vtn1.victoria.tc.ca>, John Nemeth write
s:
>     There have been a number of complaints about potential security
>issues.  A big one has had to do with PAM operating within the
>environment of the program wanting to do authentication.  However, if
>this is a problem, then an unauthorised person is already root, has the
>ability to place arbitrary files on the system, or the administrator
>has really screwed up the permissions on the PAM modules.  Either way,
>the game is already over, and it isn't a PAM problem (i.e. the problem
>is neither mitigated nor made worse by the presence of PAM).  The last
>problem could be mitigated by the PAM library refusing to load modules
>with inappropriate permissions.

Hmm.  I'm a bit confused.  One of the reasons that BSD/OS's BSD Authentication
uses external programs for authentication is so that the program doing the
authentication check needn't be running as root - unless the authentication
module wants to require it to.  How does PAM work for this?

-s