passdb
Simo Sorce
simo.sorce at polimi.it
Fri Oct 13 11:11:14 GMT 2000
Andrew Bartlett wrote:
>
> I have a particular interest in passdb, in particular PAM. My primary
> ideas involve tightining up samba's security so samba does less work for
> a potential attacker, and so it uses PAM even when it can't use it to
> check a password.
This will need passdb API changes or rewriting.
I'm alsointerested but remember that PAM must be an option
as too many samba-supported system does not have it.
> Samba should (IMHO) do account and session processing regardless of
> encrypted passwords. See OpenSSH for a *very* good implementation of
> this. (I did, as an exercise, start hacking the OpenSSH code into
> Samba, but got stuck looking for where samba actually starts a
> connection.)
>
> Adding session handling to samba looks quite easy, just add the hooks at
> the same places as the utmp handling does.
--
Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at polimi.it
Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451
-----------------------------------------------------------------
Be happy, use Linux!
More information about the samba-technical
mailing list