Hello,

I have an application supporting pam, but it is running with insufficient
privileges to do authentication against the system (shadow) password
database. The application is not designed to run with elevated privileges
and modifying it would pose significant difficulties.

I want to authenticate against the system passwords nevertheless, and my
idea is to have a small local "authentication proxy" with sufficient
privileges to do the authentication, communicating with the application
through unix domain sockets or similiar.

My question is whether someone has already implemented a pam module +
authentication proxy or something similiar that could be useful in this
situation, potentially saving me a lot of work getting all the tricky
details right?

Best regards

-- 
Helge Bahmann <bahmannmath.tu-freiberg.de>             /| \__
Network admin, systems programmer                      /_|____\
                                                     _/\ |   __)
$ ./configure                                        \\ \|__/__|
checking whether build environment is sane... yes     \\/___/ | 
checking for AIX... no (we already did this)            |
_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://listman.redhat.com/mailman/listinfo/pam-list

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]