projects / platform / upstream / polkit.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c1c6366) | patch
move PAM stack usage to separate helper
authorDavid Zeuthen <davidz@redhat.com>
Mon, 30 Jul 2007 22:54:36 +0000 (18:54 -0400)
committerDavid Zeuthen <davidz@redhat.com>
Mon, 30 Jul 2007 22:54:36 +0000 (18:54 -0400)
commit368397f96a472bfedd596c8890586cc4fd9a0428
tree8109eb13d02e2f242385cd92ed0bbeb93a77546ftree | snapshot
parentc1c6366d7102990904ac1c9f4aa6b9c8ef9b7a65commit | diff
move PAM stack usage to separate helper

So it turns out that I hadn't been using shadow passwords on my other
development box (don't ask) and that's why auth as root worked fine
when just running as an unprivileged user. However, to auth as another
user (such as root), the process embedding pam needs to run as
root. Therefore, split out the actual authentication bits into a small
and easy to audit helper, polkit-grant-helper-pam.

The auth now goes like this:

 polkit-gnome <-links with-> libpolkit-grant
                                   ^
                                   |
                                spawns
                                   |
                                   V
                     /usr/libexec/polkit-grant-helper
                                   ^
                                   |
                                spawns
                                   |
                                   V
                   /usr/libexec/polkit-grant-helper-pam

where

 polkit-grant-helper
    is setgid polkit; it links with libdbus and libpolkit.

 polkit-grant-helper-pam
    is setuid root; it links only with libpam
configure.in diff | blob | history
polkit-grant/Makefile.am diff | blob | history
polkit-grant/polkit-grant-helper-pam.c [new file with mode: 0644] blob
polkit-grant/polkit-grant-helper.c diff | blob | history
polkit-grant/polkit-grant.c diff | blob | history
Domain: System / Uncategorized;