Subject: Re: BSD Authentication
To: Dr R.S. Brooks <R.S.Brooks@liverpool.ac.uk>
From: Paul Ripke <email@example.com>
Date: 09/09/2003 21:53:11
On Tuesday, Sep 9, 2003, at 19:57 Australia/Sydney, Dr R.S. Brooks
> On Mon, 8 Sep 2003, Peter Seebach wrote:
>> In message <200309081948.h88JmDq19088@srapc342.sra.co.jp>, Noriyuki
>> Soda writes
>>>>>>>> On Mon, 08 Sep 2003 14:32:35 -0500,
>>> firstname.lastname@example.org (Peter Seebach) said:
>>>> But then, in the cases where it's really the authentication client
>>>> needs to be eaccessible to the PAM module, this *won't work*.
>>> Hmm, I cannot understand this sentence.
>>> What do you mean here?
>> I cannot see what is magic about screensavers.
> Screensavers ONLY validate the password of the user who started them.
> Everything else I can think of which validates passwords does it as a
> prelude to becoming another user (usualy root -> non-root), and as a
> result acquiring all that user's rights (and dropping all the rights
> of the previous user).
Bzzt. Don't forget `xlock -allowroot' and equivalent - mandatory in any
shared environment. Don't know how many times it's got me out of
OK, it doesn't involve a privilege switch to another user, but...
I love deadlines. I like the whooshing sound they make as they fly by.
-- Douglas Adams