confirm password for logged in user

René Fleschenberg rene at korteklippe.de
Tue Apr 10 12:07:11 CEST 2007


André Wyrwa schrieb:
> I'm wondering, though, if there isn't ANY way to have the password
> confirmed for the user that is already logged in. Please note the
> difference, i don't want to write some kind of login functionality. The
> user is already authenticated, i just want to have a typed in password
> checked agains the already logged in users password.

It is not possible to check a password against the shadow file without
having root privileges. Neither with nor without PAM.

Whyt you can do is install (or write yourself) a small program that
checks the password for you. That program must run as root (be installed
with suid root), but your daemon does not need to. The daemon calls the
external program to do the password check. http://unixpapa.com/pwauth
should work for your purposes.

-- 
René



More information about the Python-list mailing list