Subject: Re: BSD Authentication
To: Dr R.S. Brooks <>
From: Paul Ripke <>
List: current-users
Date: 09/09/2003 21:53:11
On Tuesday, Sep 9, 2003, at 19:57 Australia/Sydney, Dr R.S. Brooks 

> On Mon, 8 Sep 2003, Peter Seebach wrote:
>> In message <>, Noriyuki 
>> Soda writes
>> :
>>>>>>>> On Mon, 08 Sep 2003 14:32:35 -0500,
>>> (Peter Seebach) said:
>>>> But then, in the cases where it's really the authentication client 
>>>> that
>>>> needs to be eaccessible to the PAM module, this *won't work*.
>>> Hmm, I cannot understand this sentence.
>>> What do you mean here?
>> I cannot see what is magic about screensavers.
> Screensavers ONLY validate the password of the user who started them.
> Everything else I can think of which validates passwords does it as a
> prelude to becoming another user (usualy root -> non-root), and as a
> result acquiring all that user's rights (and dropping all the rights
> of the previous user).

Bzzt. Don't forget `xlock -allowroot' and equivalent - mandatory in any
shared environment. Don't know how many times it's got me out of 

OK, it doesn't involve a privilege switch to another user, but...

Paul Ripke
I love deadlines. I like the whooshing sound they make as they fly by.
-- Douglas Adams