[PAM-NTDOM] using pam_ntdom for ftp authentication

[Peter Samuelson]

[Mayers, Philip J <p.mayers at ic.ac.uk>]
> The PAM module could reopen (dup()) the file handles 0/1/2 to /dev/null.
> 
> Or am I missing the point?

Yeah, that wouldn't work.  PAM is a shared-library architecture, so the
module runs in the same process as the application.  Opening and
closing arbitrary file descriptors on behalf of the application is not
acceptible.  The only way to pull it off would be to fork a new process
for the purpose.

Peter