I am planning to use the Authen PAM script below (example from the CPAN site) from mod_perl. Can the username and password we supply be monitored on the server using the ps -ef command?
Via ps - but not necessarily with the -ef options, more likely with ps axe (BSD style) - they will only be visible if they are exported into the environment (i.e. somehow accessible inside the perl script through the %ENV hash). But there are other methods to intercept them on a server, e.g. sniffing the network or tracing the apache process.
update - be aware also, that changing authentication tokens will only succeed if the process doing that runs under UID 0, that is, as root.
--shmem
_($_=" "x(1<<5)."?\n".q·/)Oo. G°\ /
/\_¯/(q /
---------------------------- \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
In reply to Re: Authen PAM security question
by shmem
in thread Authen PAM security question
by Anonymous Monk
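A check of the point made in the reply above, as an added example that is not part of the original thread: on Linux a credential shows up in `ps axe` output only when it sits in the process environment, which `ps` reads from `/proc/<pid>/environ`. The variable name `DEMO_PAM_PASSWORD`, the password value and the `sleep` child processes are constructed for the demonstration.

```shell
#!/bin/sh
# Linux only: `ps axe` shows each process's environment, which it reads from
# /proc/<pid>/environ. We read that file directly so ps need not be installed.
SECRET='constructed-demo-password'   # constructed sample value, not a real credential

# True if $SECRET appears in the environment block of PID $1.
secret_in_environ() {
    tr '\0' '\n' 2>/dev/null < "/proc/$1/environ" | grep -qF -- "$SECRET"
}

# Wait (up to ~5 s) until PID $1 has exec'ed sleep, so that we inspect the
# real child and not the shell that was forked to launch it.
wait_for_exec() {
    tries=0
    while [ "$tries" -lt 50 ]; do
        [ "$(cat "/proc/$1/comm" 2>/dev/null)" = sleep ] && return 0
        tries=$((tries + 1))
        sleep 0.1
    done
    return 1
}

# Inspect child PID $1, then clean it up. Returns 0 if the secret is visible.
visible_in_child() {
    child=$1
    rc=0
    wait_for_exec "$child" || true
    secret_in_environ "$child" || rc=1
    kill "$child" 2>/dev/null || true
    wait "$child" 2>/dev/null || true
    return "$rc"
}

# Case 1: the password is exported into the child's environment (the %ENV case).
leaks_via_env() {
    DEMO_PAM_PASSWORD="$SECRET" sleep 3 &
    visible_in_child "$!"
}

# Case 2: the password is written to the child's stdin and never exported.
leaks_via_stdin() {
    printf '%s\n' "$SECRET" | sh -c 'read -r pw; exec sleep 3' &
    visible_in_child "$!"
}

if leaks_via_env;   then echo "env:   password visible to ps axe"; fi
if leaks_via_stdin; then echo "stdin: password visible to ps axe"
else echo "stdin: password not in the process environment"; fi
```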