[PAM-NTDOM] using pam_ntdom for ftp authentication

Peter Samuelson peter at cadcamlab.org
Thu Jun 15 12:58:54 GMT 2000

[Mayers, Philip J <p.mayers at ic.ac.uk>]
> The PAM module could reopen (dup()) the file handles 0/1/2 to /dev/null.
> Or am I missing the point?

Yeah, that wouldn't work.  PAM is a shared-library architecture, so the
module runs in the same process as the application.  Opening and
closing arbitrary file descriptors on behalf of the application is not
acceptible.  The only way to pull it off would be to fork a new process
for the purpose.


More information about the samba-technical mailing list