[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM and shadow



Previously Andrew Morgan wrote:
> use pam_pwdb (which uses a little helper binary to check the user's own
> password).

Okay, I found it. I noticed you do some checking to prevent people from
running brute-force attacks, mostly by only verifying the password of
the user running it.

I still wonder why there is no way to initialize a module when you call
pam_start() though. You could then do the fgetpwent() trick, and it
might be useful for other modules as well, if not now then maybe in the
future.

Wichert.

-- 
==============================================================================
This combination of bytes forms a message written to you by Wichert Akkerman.
E-Mail: wakkerma@cs.leidenuniv.nl
WWW: http://www.wi.leidenuniv.nl/~wichert/

Attachment: pgp00002.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []