Re: Administrator password
Re: Administrator password
- Subject: Re: Administrator password
- From: Jeffrey Ellis <email@hidden>
- Date: Sun, 12 Nov 2006 13:17:34 -0800
- Thread-topic: Administrator password
on 11/10/06 9:51 PM, Terry Lambert at email@hidden wrote:
> You probably don't want chkpasswd, since it's not runnable from a
> script, since it gets its input from the controlling tty, and sets raw
> mode, etc. on it to control character echo, and so on.
>
>
> In general, you do not check passwords, you let PAM check them for you.
>
> The only valid reason for checking a password is for the purpose of
> establishing a session on a machine - i.e. if you are loginWindow,
> sshd, ftpd, telnetd, /bin/login, or some other program that
> establishes a session, or if you are utilizing security frameworks as
> a trusted application that's permitted to launch subprocesses as
> "root" (which is generally why the Finder ever asks for the admin
> passwd; it subsequently effectively runs "sudo").
>
> If you think you need the admin passwd for any other reason, your are
> probably mistaken.
>
>
> Your best bet is to look at the source code to /bin/login, sshd, or
> one of the other applications that wires itself into the Mac OS X
> infrastructure for starting a session. Realize that to answer your
> question, your process will need to be privileged.
>
> -- Terry
>
Thanks for the heads up, Terry. I'll keep this all in mind.
All My Best,
Jeffrey
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden