summaryrefslogtreecommitdiffstats
path: root/kcheckpass/README
blob: cb517b3d2ccaa010934f72cc914d42192acf7aa6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
The KCheckPass authentication software:
-----------------------------------------

KCheckPass is KDE's authentication program. It is meant to be
used by any software in need of user authentication, most
notably screensavers.

It enhances security be the following means:

- It's only a small program, which is hopefully simple enough to
  allow it to be SUID root. Setting it to SUID root is necessary
  on Shadow Password systems.
- No other program in need of user authentication, must be
  SUID root.
- It provides a single implementation to check passwords. So one
  only must take a closer look at KCheckPass to ensure password
  security. It's much easier for programs using KCheckPass to
  preserve security.


Technique:
----------
KCheckPass is a simple password checker. Just invoke and
send it the password on stdin.

If the password was accepted, the program exits with 0;
if it was rejected, it exits with 1. Any other exit
code signals an error.



Compilation hints:
------------------
Compile with -DHAVE_VSYSLOG if you have vsyslog().
Compile with -DHAVE_PAM if you have a PAM system, and link with -lpam -ldl
  (If libdl is present).
Compile with -DHAVE_SHADOW if you have a shadow password system.

Copyright, Author and License notice:
-------------------------------------
Copyright (C) 1998, Caldera, Inc.
Released under the GNU General Public License

Olaf Kirch <okir@caldera.de>      General Framework and PAM support
Christian Esken <esken@kde.org>   Shadow and /etc/passwd support
Oswald Buddenhagen <ossi@kde.org> Binary conversation interface, etc.

Some parts were taken from kscreensaver's passwd.cpp

Currently this software is maintained by Oswald Buddenhagen <ossi@kde.org>.
Please send new authentication modules (checkpass_*.c) to me.