passdb
Andrew Bartlett
abartlet at pcug.org.au
Fri Oct 13 06:18:39 GMT 2000
I have a particular interest in passdb, in particular PAM. My primary
ideas involve tightining up samba's security so samba does less work for
a potential attacker, and so it uses PAM even when it can't use it to
check a password.
Samba should (IMHO) do account and session processing regardless of
encrypted passwords. See OpenSSH for a *very* good implementation of
this. (I did, as an exercise, start hacking the OpenSSH code into
Samba, but got stuck looking for where samba actually starts a
connection.)
Adding session handling to samba looks quite easy, just add the hooks at
the same places as the utmp handling does.
Andrew Bartlett
abartlet at pcug.org.au
"Christopher R. Hertel" wrote:
>
> > I'm still waiting to start a discussion on the passdb backend, as I've
> > not seen anything on samba techincal I was wondering if there have been
> > any between samba team members or if there will be any.
> > I've written some code to add a tdb password database and there are some
> > points I think must be discussed before further efforts.
> >
> > Is there anyone else working on this thing?
>
> I threw in my 2-cents regarding the design, but that's all I can do I'm
> 'fraid. Too much else on my plate.
>
> Chris -)-----
>
> --
> Christopher R. Hertel -)----- University of Minnesota
> crh at nts.umn.edu Networking and Telecommunications Services
>
> Ideals are like stars; you will not succeed in touching them
> with your hands...you choose them as your guides, and following
> them you will reach your destiny. --Carl Schultz
--
Andrew Bartlett
abartlet at pcug.org.au
More information about the samba-technical
mailing list