From: Andrew G. Morgan Date: Sat, 26 May 2001 20:45:09 +0000 (+0000) Subject: Relevant BUGIDs: 417512 X-Git-Tag: Linux-PAM-0-76~84 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d06c7d9afd627edbe7d59cd957243fab5bcdbf18;p=linux-pam Relevant BUGIDs: 417512 Purpose of commit: add a clarification Commit summary: --------------- At a user's request, added a clarification to the documentation regarding the choice of argv[0] as a service name. --- diff --git a/CHANGELOG b/CHANGELOG index cf39d9b3..35fde180 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -49,6 +49,8 @@ bug report - outstanding bugs are listed here: 0.76: please submit patches for this section with actual code/doc patches! +* pam_appl.sgml change - more discussion of choosing a service name + (Bug 417512 - agmorgan) * more specific linking requirements for -lndbm for pam_userdb - from David Lee (Bug 417339 - agmorgan) * a large number of small changes to make AIX support better (Bug diff --git a/doc/pam_appl.sgml b/doc/pam_appl.sgml index a30dfd6f..f033dff0 100644 --- a/doc/pam_appl.sgml +++ b/doc/pam_appl.sgml @@ -46,7 +46,7 @@ DAMAGE. The Linux-PAM Application Developers' Guide <author>Andrew G. Morgan, <tt>morgan@kernel.org</tt> -<date>DRAFT v0.75 2001/03/18 +<date>DRAFT v0.76 2001/05/26 <abstract> This manual documents what an application developer needs to know about the <bf>Linux-PAM</bf> library. It describes how an application 
@@ -1074,6 +1074,16 @@ should <bf/avoid/ the temptation of choosing something related to application on a system under a different name and this should not be permitted to cause a security breach. +<p> +In general, this is always the right advice if the program is setuid, +or otherwise more privileged than the user that invokes it. In some +cases, avoiding this advice is convenient, but as an author of such an +application, you should consider well the ways in which your program +will be installed and used. (Its often the case that programs are not +intended to be setuid, but end up being installed that way for +convenience. If your program falls into this category, don't fall into +the trap of making this mistake.) + <p> To invoke some <tt/target/ application by another name, the user may symbolically link the target application with the desired name. To be
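Review bot: In the paragraph added by the doc/pam_appl.sgml hunk at @@ -1074, "Its often the case" needs an apostrophe ("It's"), and "In general, this is always the right advice" contradicts itself, so drop either "In general" or "always". "Avoiding this advice is convenient" would read more clearly as "ignoring this advice". The closing "don't fall into the trap of making this mistake" never names the mistake: state outright that a setuid or otherwise privileged program should not take its service name from argv[0], which is the choice the commit summary says this paragraph is meant to clarify.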