Subject: RE: Passing password through a PAM-API
From: Mayers, Philip J (p.mayersic.ac.uk)
Date: Fri Dec 15 2000 - 13:27:02 CST


(I must be going senile - I swear I searched my local archive for a mention of
this, and now I come to do it again, and there we are...)

Yes, I'd characterise that as broken.

Regards,
Phil

+----------------------------------+
| Phil Mayers, Network Support |
| Centre for Computing Services |
| Imperial College |
+----------------------------------+

-----Original Message-----
From: Nicolas Williams [mailto:Nicolas.Williamsubsw.com]
Sent: 15 December 2000 18:53
To: pam-listredhat.com
Subject: Re: Passing password through a PAM-API

Look for a previous email from me to the list explaining the problem:
pam_authenticate() and friends call _pam_sanitize() before calling the
module methods and _pam_sanitize() simply overwrites the PAM_AUTHTOK
item (and PAM_OLDAUTHTOK).

In other words, handling of the PAM_*AUTHTOK items is broken.

Nico
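
The behaviour described in the quoted message, as an added illustration that is not part of either message and is not Linux-PAM source: a self-contained C model in which a sanitize step clears the AUTHTOK item before the module runs, so a value preset by the application never reaches the module, while a password supplied through the conversation callback does. All `model_*` names and the password are constructed, and supplying the password through the conversation function is an assumed alternative, not something stated in the thread.

```c
/* Model of the flow described in the thread; NOT Linux-PAM source.
 * Every model_* name and the password are constructed for illustration. */
#include <stdio.h>
#include <string.h>
typedef const char *(*model_conv_fn)(void *appdata);
struct model_handle {
    char authtok[64];      /* stands in for the PAM_AUTHTOK item */
    int has_authtok;
    model_conv_fn conv;    /* stands in for the application's conversation */
    void *appdata;
};

static void model_set_authtok(struct model_handle *h, const char *tok) {
    memset(h->authtok, 0, sizeof h->authtok);   /* wipe the old value first */
    h->has_authtok = (tok != NULL);
    if (tok) strncpy(h->authtok, tok, sizeof h->authtok - 1);
}

/* Stands in for _pam_sanitize(): clears the item before any module runs. */
static void model_sanitize(struct model_handle *h) { model_set_authtok(h, NULL); }

/* A module's auth method: use the item if present, else ask the conversation. */
static int model_module_auth(struct model_handle *h) {
    if (!h->has_authtok && h->conv) {
        const char *reply = h->conv(h->appdata);
        if (reply) model_set_authtok(h, reply);
    }
    return h->has_authtok && strcmp(h->authtok, "constructed-pw") == 0;
}

/* Stands in for pam_authenticate() as described: sanitize, then dispatch. */
static int model_authenticate(struct model_handle *h) {
    model_sanitize(h);
    return model_module_auth(h);
}

static const char *model_conv(void *appdata) { return (const char *)appdata; }
/* Returns 1 if the module authenticated, 0 otherwise. */
int model_run(int preset_item, int supply_conv) {
    struct model_handle h = {0};
    if (supply_conv) { h.conv = model_conv; h.appdata = "constructed-pw"; }
    if (preset_item) model_set_authtok(&h, "constructed-pw");
    return model_authenticate(&h);
}

int main(void) {
    printf("preset item only: %d, via conversation: %d\n",
           model_run(1, 0), model_run(0, 1));
    return 0;
}
```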
