P. 1


|Views: 167|Likes:
Publicado porNurul Istiqomah

More info:

Published by: Nurul Istiqomah on Dec 14, 2010
Direitos Autorais:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





A pluggable authentication module (PAM) is an authentication systemthat’s gaining
popularity on UNIX,and especially Linux systems. PAM was designed to address a
shortcoming in the UNIX environment—typically,individual programs such as login
and passwdwere hard-coded to perform their authentication functions one way,by using
the UNIX password database. This was fine if the UNIX password database met your
needs,but if it didn’t and another authentication system was needed,you were out of
luck. Typically,in such situations,a new version of every program that authenticates
users (login,passwd,and so on) would have to be hand-coded in C to work with any
new authentication system. The tremendous amount of programming required to imple-
ment any new system was a great deterrent to administrators desiring to improve upon
the standard UNIX authentication mechanisms.

This is where PAM comes in. With PAM,the authentication mechanisms of programs
such as logincan be dynamically reconfigured or upgraded by the system administrator.
For PAM to work,all programs that perform authentication must be made “PAM aware,”
and this requires modification to the programs’source code. Fortunately,this only has to
be performed once,because once a program is PAM aware,it now uses PAM libraries to
perform authentication instead of using its own internal code. Fortunately,many modern
UNIX-like operating systems and distributions,such as Linux,come with PAM support
built in. On these systems,you have several more options available to you to integrate
UNIX and Windows.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->