[PAM-NTDOM] using pam_ntdom for ftp authentication

Mayers, Philip J p.mayers at ic.ac.uk
Thu Jun 15 13:33:02 GMT 2000

Doh... Of course....


-----Original Message-----
From: Peter Samuelson [mailto:peter at cadcamlab.org]
Sent: Thursday, June 15, 2000 2:05 PM
To: Multiple recipients of list SAMBA-TECHNICAL
Subject: RE: [PAM-NTDOM] using pam_ntdom for ftp authentication

[Mayers, Philip J <p.mayers at ic.ac.uk>]
> The PAM module could reopen (dup()) the file handles 0/1/2 to /dev/null.
> Or am I missing the point?

Yeah, that wouldn't work.  PAM is a shared-library architecture, so the
module runs in the same process as the application.  Opening and
closing arbitrary file descriptors on behalf of the application is not
acceptible.  The only way to pull it off would be to fork a new process
for the purpose.


More information about the samba-technical mailing list