Subject: Re: integrating PAM
To: None <firstname.lastname@example.org>
From: Dan Melomedman <email@example.com>
Date: 01/24/2003 20:55:52
> Please forgive me, but I can't believe I just read this.
> Dan, this is the thing which has been plaguing UNIX for years: A child
> process cannot modify its parent; in fact a process cannot modify another
> already running process while it is running unless framework is built into
> place to facilitate and both processes co-operate with each other, OR a
> framework is built into the kernel to allow one process to arbitrarily
> modify another process.
I didn't write 'fork()', did I? checkpassword doesn't fork any children,
it modifies its environment, and exec()s the next program.
About modifying other processes. Mrs. Brisby's kchuid Linux hack can
change uid/gid of another process, such that you can avoid suid.
One more thing: see getpeereuid() at superscript.com.