[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: An "orthogonal" way of using libpam

> > On Wed, 25 Dec 2002, Joerg Sommer wrote:
> >> Igmar Palsenberg <maillist@jdimedia.nl> wrote:
> > One extra hypothetical but handy example:
> >    - on a restricted machine run one sshd that listens on all
> >      interfaces and uses a restrictive pam setup,
> >      run another one that listens on local interface only
> >      but allows test accounts to start sessions
> > 
> > You can do a similar thing by tweaking sshd_config, but as soon as you
> > have more than one service you would use in that way (xdm? samba? imap?)
> > you may find PAM to be very handy. Even with sshd only, PAM is a way more
> > powerful than sshd_config.
> Now I understand, what you want. But I think, it isn't a task of pam.
> Every application should provide a possibility to set the string passed
> to pam as service_name by pam_start().

That isn't the problem, the problem is that PAM always want's it config in 

and the user has no way of changing that location, which in some cases can 
be handy if the user's application wants to do it's own authentication.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []