[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FTP (Re: Source code for Pam'd applications)

On Thu, 4 Feb 1999, Alan DeKok wrote:

>   Dropping the info messages AFTER the authentication mechanism
> doesn't help.  The messages are in a particular order for a reason.

FTP protocol does not allow more than one (perhaps two with account
trickery) prompt for auth. token anyway.

>   It would be preferable under the current system to return
> PAM_PERM_DENIED, instead of pretending to do what the module asked
> you to do.

My conversation function ignores a single type of message: the
informational message. It always returns the give password for echo-off
prompts, and fails on error messages and echo-on prompts. I think the
risk of unwanted success is negligible.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"NSA GCHQ KGB CIA nuclear conspiration war weapon spy agent... Hi Echelon!"

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []