[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: About-me-password backend

From: Brian Cameron <Brian Cameron Sun COM>
To: JP Rosevear <jpr novell com>
Cc: desktop-devel-list gnome org
Subject: Re: About-me-password backend
Date: Tue, 11 Apr 2006 14:11:19 -0700

On Mon, 2006-04-10 at 23:57 +0200, Johannes H. Jensen wrote:
Dear almighty GNOME hackers, I'm in need of some pointers!
I'm currently hacking on the about-me password dialog (see #321567),which is spawning /usr/bin/passwd to authenticate and change thepassword. In the new dialog, I'm dividing the process in two, so thatthe user has to authenticate with his current password first (whichspawns passwd to verify). If passwd doesn't complain and prompts forthe new password, he can enter his new password, retype it and hit"Change password". When he hits the button, some time has elapsedsince he first authenticated (and thus passwd was spawned).
Maybe its just me, but you probably want to actually do a proper pam
conversation here rather than calling /usr/bin/passwd.  The
gnome-password submission novell made ages ago had this, and we have an
updated version shipping with more support.


One issue about supporting PAM is that some operating systems, like
Solaris, do not allow non-root users to make PAM calls.  So to be
portable, it would be best if there were a way to launch a program
that did the PAM interaction that could run as root.  I know from
discussion with the Solaris PAM team that they feel that allowing
non-root users to run PAM adds security concerns that will likely
prevent Solaris ever being able to support running PAM as a user.

Brian

Follow-Ups:
- Re: About-me-password backend
  - From: JP Rosevear

References:
- About-me-password backend
  - From: Johannes H. Jensen
- Re: About-me-password backend
  - From: JP Rosevear

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]