Subject: Re: Using __progname for PAM service names in pam_start()
To: Jason Thorpe <>
From: David Brownlee <>
List: tech-userlevel
Date: 06/14/2007 14:03:10
On Wed, 13 Jun 2007, Jason Thorpe wrote:

> On Jun 13, 2007, at 10:01 AM, Christos Zoulas wrote:
>> In article <>,
>> Joerg Sonnenberger  <> wrote:
>>> On Wed, Jun 13, 2007 at 07:19:28AM +0000, Emmanuel Dreyfus wrote:
>>>> Anyone sees an objection to the system-wide replacement of the pam_start
>>>> first argument (PAM service name) by __progname? I see only benefits 
>>>> here...
>>> How does this interact with calling e.g. su with
>>> 	execlp("/usr/bin/su", "ftpd");
>>> I think this creates a security issue.
>> Probably does...
> I agree.  I think it's safest for the app to hard-code the service name into 
> the call to avoid impersonation problems like this.  And we should fix sshd 
> to do so.

 	One variation might be to allow a different name if it starts with
 	the original name. eg, you can call ftpd 'ftpd-moose' or 'ftpd2',
 	but not 'myftpd'.

 	Taht is if the feature is deemed useful enough for the effort.

 		David/absolute       -- No hype required --