From owner-freebsd-hackers Sun Nov 2 16:19:40 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id QAA19886 for hackers-outgoing; Sun, 2 Nov 1997 16:19:40 -0800 (PST) (envelope-from owner-freebsd-hackers) Received: from misery.sdf.com (misery.sdf.com [204.244.210.193]) by hub.freebsd.org (8.8.7/8.8.7) with SMTP id QAA19867; Sun, 2 Nov 1997 16:19:21 -0800 (PST) (envelope-from tom@sdf.com) Received: from tom by misery.sdf.com with smtp (Exim 1.73 #1) id 0xSACf-0004n8-00; Sun, 2 Nov 1997 16:17:13 -0800 Date: Sun, 2 Nov 1997 16:17:11 -0800 (PST) From: Tom To: hackers@freebsd.org cc: Eivind Eklund , se@freebsd.org, cvs-committers@freebsd.org, cvs-all@freebsd.org, cvs-ports@freebsd.org Subject: Re: Password verification (Was: cvs commit: ports/x11/kdebase - Imported sources) In-Reply-To: <199711022355.VAA00864@gaia.coppe.ufrj.br> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Sun, 2 Nov 1997, Joao Carlos Mendes Luis wrote: ... > But, how to allow users check only their own password, and still > have the added security of shadow passwords ? I can only think > in a kind of password checking daemon that would accept commands > on a AF_UNIX socket and some patches to libc pw commands. You can always use the pwcheck daemon from the Cyrus module (see ports). It opens a unix socket at /var/pwcheck/pwcheck. Permissions on the /var/pwcheck directory can be used to determine who can check passwords. > Jonny > > -- > Joao Carlos Mendes Luis jonny@gta.ufrj.br > +55 21 290-4698 jonny@coppe.ufrj.br > Universidade Federal do Rio de Janeiro UFRJ/COPPE/CISI > PGP fingerprint: 29 C0 50 B9 B6 3E 58 F2 83 5F E3 26 BF 0F EA 67 > > Tom