[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FTP (Re: Source code for Pam'd applications)



> I'll document the behaviour and everything will be ok? :)

  It would help.  But I don't have the time or inclination to read the
docs on every application to see if it *really* does PAM, as opposed
to just faking it.

> Blackholing info messages is probably a suboptimal idea. There is an
> alternative solution: one could save them to a buffer and print them out
> together with the final result (hoping the clients are able to eat
> multiline responses). Another approach would be to use PAM_SILENT.

  But (at some level) PAM supports conversations like:

Username:
Password:
Mothers maiden name:
Favorite color:

  Dropping the info messages AFTER the authentication mechanism
doesn't help.  The messages are in a particular order for a reason.

  It would be preferable under the current system to return
PAM_PERM_DENIED, instead of pretending to do what the module asked
you to do.

  Alan DeKok.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []