site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=6lNTSauPXalFe9/uP0L5gCXpmFYqw92JNPMf4fkCYyQ=; b=Q5Hhb3n0gZOOrKBoK+PgVUIuFjDoKSG3Ff57tgUlxVQldHEwHLv0p22iaxSL1EckSV RjrXavEfa2MiDfao0S/Q4UwE9FVEJgIrvL3Pro0lBeEhZWqPZaUSZEH68r8lQOcUr2xz J+IYCOfyLZZyQvparoG+Ko7nukALm+idGb/0A= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=VMJNGGPfTRGHka+GUsyfJVx8m/CKlZVwRL3DNkfcDQqowz5kv26sRMZZ1ebsLnmzuM cbTHFYrFqnO/KxMDUx/88e61wyFKu3TSaoLllzHfQS6Bs7sLM4Gv2RFI0+o11J7lCn+Z kxcDSwXd7JS7tePgUwNMCiWY92cuGTGDHZqsI= On Tue, Dec 29, 2009 at 8:21 PM, Roger Pau Monné <royger@gmail.com> wrote:
Hello, I'm implementing a very simple FTP client, and to do the login I would like to check against system users instead of using my own database, so that I can give the proper permissions to the newly created process that I've spawned with fork. What's the best way for doing this in C? I've read about the getpwnam function, that returns a struct passwd that has the field pw_passwd to compare against (using the crypt function), but this field only contains asterisks in Mac OS X and an x in Linux. Is there any common way to get the encrypted password of a user across POSIX systems?
In modern security architectures you don't ever handle (or even have access to) the password in your program. What you do is pass the credentials (user and password in this case) to some authentication framework. For OS X and Linux, the best solution is PAM: <http://www.kernel.org/pub/linux/libs/pam/> _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... This email sent to site_archiver@lists.apple.com