On Tue, 2006-04-11 at 14:11 -0700, Brian Cameron wrote: > > On Mon, 2006-04-10 at 23:57 +0200, Johannes H. Jensen wrote: > >> Dear almighty GNOME hackers, I'm in need of some pointers! > >> > >> I'm currently hacking on the about-me password dialog (see #321567), > >> which is spawning /usr/bin/passwd to authenticate and change the > >> password. In the new dialog, I'm dividing the process in two, so that > >> the user has to authenticate with his current password first (which > >> spawns passwd to verify). If passwd doesn't complain and prompts for > >> the new password, he can enter his new password, retype it and hit > >> "Change password". When he hits the button, some time has elapsed > >> since he first authenticated (and thus passwd was spawned). > > > > Maybe its just me, but you probably want to actually do a proper pam > > conversation here rather than calling /usr/bin/passwd. The > > gnome-password submission novell made ages ago had this, and we have an > > updated version shipping with more support. > > One issue about supporting PAM is that some operating systems, like > Solaris, do not allow non-root users to make PAM calls. So to be > portable, it would be best if there were a way to launch a program > that did the PAM interaction that could run as root. I know from > discussion with the Solaris PAM team that they feel that allowing > non-root users to run PAM adds security concerns that will likely > prevent Solaris ever being able to support running PAM as a user.
So you have to run screensaver auth for instance without tieing into the same pam stack you logged in with? -JP -- JP Rosevear <[EMAIL PROTECTED]> Novell, Inc. _______________________________________________ desktop-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/desktop-devel-list
