unknown
1970-01-01 00:00:00 UTC
I don't think that using a wrapper library (perhaps you mean program
here?) is going to work. I think that we can do a better and more
secure job by using fine grain privilege escalation.
So, it seems like doing the ACL stuff for at least the .bir file
shouldn't be controversial at all, right? If your filesystem has
support for ACLs then the permissions just work.
In summary, I think the solution to being able to use pam thinkfinger
as a regular user is:
* Set ACL to allow that user to read only their .bir file
* Allow the user that is active on the console/seat to have
permission to write to the thinkfinger device
Thanks,
Jon
here?) is going to work. I think that we can do a better and more
secure job by using fine grain privilege escalation.
So, it seems like doing the ACL stuff for at least the .bir file
shouldn't be controversial at all, right? If your filesystem has
support for ACLs then the permissions just work.
In summary, I think the solution to being able to use pam thinkfinger
as a regular user is:
* Set ACL to allow that user to read only their .bir file
* Allow the user that is active on the console/seat to have
permission to write to the thinkfinger device
Thanks,
Jon