Date: Sun, 8 Jul 2018 00:21:22 +1200 From: Thomas Munro <munro@ip9.org> To: freebsd-hackers@freebsd.org Subject: Adding an "expose_authtok" option to pam_exec(8) Message-ID: <CADLWmXVWxLf_bospnoNqs%2BprztZtpeRF1t1Dim_q8ijp6mizpA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello, On Linux, pam_exec.so has an option "expose_authtok" which causes the authentication token to be sent to the executed program's stdin. That's quite a useful bridge to languages other than C that want to check the password or use it to decrypt something etc, since otherwise you have to provide some kind of .so wrapper providing the PAM C API to get at that. I wrote a patch to implement that and posted it here: https://reviews.freebsd.org/D16171 . I'd be grateful for any feedback. Thanks, Thomas Munro
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLWmXVWxLf_bospnoNqs%2BprztZtpeRF1t1Dim_q8ijp6mizpA>