Re: About-me-password backend
- From: Brian Cameron <Brian Cameron Sun COM>
- To: JP Rosevear <jpr novell com>
- Cc: desktop-devel-list gnome org
- Subject: Re: About-me-password backend
- Date: Tue, 11 Apr 2006 14:11:19 -0700
On Mon, 2006-04-10 at 23:57 +0200, Johannes H. Jensen wrote:
Dear almighty GNOME hackers, I'm in need of some pointers!
I'm currently hacking on the about-me password dialog (see #321567),
which is spawning /usr/bin/passwd to authenticate and change the
password. In the new dialog, I'm dividing the process in two, so that
the user has to authenticate with his current password first (which
spawns passwd to verify). If passwd doesn't complain and prompts for
the new password, he can enter his new password, retype it and hit
"Change password". When he hits the button, some time has elapsed
since he first authenticated (and thus passwd was spawned).
Maybe its just me, but you probably want to actually do a proper pam
conversation here rather than calling /usr/bin/passwd. The
gnome-password submission novell made ages ago had this, and we have an
updated version shipping with more support.
One issue about supporting PAM is that some operating systems, like
Solaris, do not allow non-root users to make PAM calls. So to be
portable, it would be best if there were a way to launch a program
that did the PAM interaction that could run as root. I know from
discussion with the Solaris PAM team that they feel that allowing
non-root users to run PAM adds security concerns that will likely
prevent Solaris ever being able to support running PAM as a user.
Brian
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
