ASX, thank you very much for your tip!
I at last managed to check password in *BSD too!
Actually, it was so trivial... sometimes I'm surprised in BSD world by this: my mind is used to complicate itself, but things are so easy, why make them more complicate? (It's difficult to explain this sensation...
![Embarrassed :oops:](./images/smilies/icon_redface.gif)
).
Anyway, POSIX authentication is very similar to "shadow" GNU way, the only difference is you have to fetch data through a loop:
Code: Select all
while((pwd = getpwent()) != NULL)
{
if (strcmp(pwd->pw_name,user)==0)
{
....
....
and in the structure "pwd" (struct passwd * pwd ) there is everything: user name, uid, and so forth, and , obviously the user password.
Now I can implement this in my little, home made, Display Manager "EasyDM".
It would be very easy to make your program crash upon the first snprint() call, just type in a string longer than 100 chars ... for something that has to deal with security and access control is not a good start, please see snprintf().
Well... I didn't notice that vulnerability. I'll increase char memory allocation to 1000 chars.
It might be a safer limit, isn't it?
Kraileth, did you look at my DM? Have you suggestions about, to make it better?
![Smile :)](./images/smilies/icon_e_smile.gif)