[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: non-root password lookups?


Ship's Log, Lt. Chris, Stardate 190199.1949:
> > 
> > What use would shadow passwords have, if a unprivileged user can query 
> > them?
> Well...then the query is at your control - and if you make a single query take
> a full second (or more) then it will take a very long time to brute force
> anything (and thats assuming there is no logging).
> > 
> > I heared on Solaris you have a daemon, which takes username/password
> > and tells you if the combination is OK.

Is that not what pam is all about?

Alexander N. Benner  -  The Seven Promises of a Promise Keeper:  -7-

A Promise Keeper is committed to influencing his world, being obedient to
the Great Commandment (Mark 12:30f) and the Great Commission (Matt 28:19f).

Reply to: