Freeradius-Users Digest, Vol 124, Issue 3
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Tue Aug 4 23:27:57 CEST 2015
Hi,
> Well, I have just tried (as root, in CentOS) to edit /etc/group by
> hand, and I had no problems. Is it not the case that if the RADIUS PAM
> module runs as root, it will also be able to do so?
what you seem to be after is a very specific local requirement - in which case a tool
running as root could do that ...but noone would want to run such a tool
outside your site... its would be a nice way to an interesting disaster....just look
at the current 0-day exploit for MAC OSX that hijacks a tool running with root privileges :/
in short...if you WANT some form of plugin that edits /etc/group yourself..do it.
alan
More information about the Freeradius-Users
mailing list