Re: non-root password lookups?
Ship's Log, Lt. Chris, Stardate 190199.1949:
> > What use would shadow passwords have, if a unprivileged user can query
> > them?
> Well...then the query is at your control - and if you make a single query take
> a full second (or more) then it will take a very long time to brute force
> anything (and thats assuming there is no logging).
> > I heared on Solaris you have a daemon, which takes username/password
> > and tells you if the combination is OK.
Is that not what pam is all about?
Alexander N. Benner - The Seven Promises of a Promise Keeper: -7-
A Promise Keeper is committed to influencing his world, being obedient to
the Great Commandment (Mark 12:30f) and the Great Commission (Matt 28:19f).