[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: non-interactive authentications...

Kaixo !

 > PAM is designed for the interactive authentication.
 > PAM modules give a prompt and ask what they want.

I think you are wrong here. The programs give the prompt, then passes whatever
the user typed to the libpam using the various pam functions.

I don't know PAM bery well; but even if I looked only on a few pam modules
and programs that use libpam, none of those modules was interactive by itself
and all the programs using libpam I looked at do all the interactive management
themselves and pass the data to libpam.

Anyway I think it is a gross error to hardcode some interactive thing into
a pam module, as that makes the module non portable across different daemons
servers etc; take for exemple pop3d and login, both ask for login/passwd
then verify it on a database; but they don't use same prompting.

A bientôt,
Pablo Saratxaga

:wq ;-)                   PGP Key available, key ID: 0x8F0E4975

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []