The situation becomes even more dangerous when the suid/sgid programs are poorly written. e.g when suid programs are written, then at the run time the privileges are elevated. Now, if the programmer forgets to drop the privileges then the root privileges are retained by the program.
Category: Security Knowledge Base
Linux Security: PAM an Introduction
Linux Security is greatly enhanced if authentication to the system is well under control. PAM plays a great role in this process. PAM expands to Pluggable Authentication Modules. I promise to explain PAM in as easy manner as I can. Just be ready to read forwards and you are done. Since the blog is tightly focussed on security of unix based system, so I assume the general basic knowledge of unix based operating systems.