On Mon, Jul 10, 2006, Chris Lightfoot wrote:
>>> Hang on - it's not supposed to, is it? The whole point of /etc/shadow
>>> is to hide the crypted tokens away. Then a mechanism is provided
>>> (PAM) for checking passwords without having to expose the shadow file.
>> PAM works using shared libraries. It doesn't provide any route around
>> Unix's usual security boundaries.
> There's typically a setuid helper which pam_unix calls,
> isn't there? Usually called unix_chkpwd or pwdb_chkpwd.
> It's invoked when pam_unix fails to obtain the password
> hash itself with getsp*. However, it can only be used to
> test the password of the user calling the program (exim in
> this case) and is therefore no use for this application. I
> think the idea is to be able to implement something like
> xlock without any privileged code outside PAM.
Try <
http://tehran.lain.pl/x/pam.c>. As the comment states, the source
is stolen from saslauthd.
