Jerry Lundström <[EMAIL PROTECTED]> wrote:
Martin Ebourne wrote:
Of course, it doesn't even need to be that complicated. There's no need
to run checkpassword at all.
No, you really want to run checkpassword or any other program that
does what it does otherwise bincimapd can get corrupted information
and things may fail.
Is there anything more specific you can elaborate on for this? From
looking at the man page these are the things that checkpassword claims
to do after authentication:
- sets up supplementary groups of authenticated user, its gid, its uid,
and its working directory
- switches to user home directory
- sets environment variables USER, HOME, and SHELL to appropriate values
- executes prog with args as its arguments
I think all of those should be fully covered by ssh itself, so I'm not
sure what could go wrong. Apart from a user putting something stupid in
their .shrc files which would break other things anyway (and I don't
think using checkpassword would necessarily fix that).
Cheers,
Martin.
