[systemd-devel] pam: Don't use loginuid [was: Re: Fix PAM module to not clobber XDG_RUNTIME_DIR with su]
Lennart Poettering
lennart at poettering.net
Wed Nov 20 15:36:38 PST 2013
On Tue, 19.11.13 13:13, Colin Walters (walters at verbum.org) wrote:
> Anyways, new tested patch attached. Lennart, any objections?
Yes. Let's not tape over problems and pretend things could work if we
freely mix and match things.
I do like Martin's original patch, since by unsetting XDG_RUNTIME_DIR it
basically tells apps "Hey, all bets are off, you are fucked", and
doesn't pretend XDG_RUNTIME_DIR would still work. Because it doesn't.
The other thing, as mentioned before that I'd be willing to do is turn
"su -" and "sudo -s" into something that creates an entirely new logind
session that is detached from the audit session. (see other mail).
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list