This PAM module allows to use the tcpd wrapper during the authentication
stage in the PAM way of thinking security. Tcpd wrapper is one of the most
used packet filter tools by system administrators : every tcp
service controlled by inetd can be "protected" using ACLs based on IP numbers,
fqdn, usernames simply running tcpd as a filter. In this way applications
don't need to know security's implementation details because they rely
entirely on system administrators policies.
Applications not running via inetd handle security directly:
normally they are compiled with security and/or proprietarty
libraries and often use different schemes for configuration.
PAM gives an application the choice to not care of how authentication,
session managment and other security activities are handled and configured.
Applications should only use a standard set of API, all the rest is played
by PAM.
This module adds the tcpd wrapper feautures to PAM allowing usage even
if an application in not running by inetd.
I wrote this module using one from Linux
PAM distribution as skeleton, so I have to thank Linux
and his "freeware" nature !!
I compiled and tested it only under Linux 2.0.35 because Solaris 2.6
doesn't seem to be robust as 2.5.1 (without PAM yet). If someone
wants to make some tests under Solaris >= 2.6 let me know !!!
Author: Massimiliano Liccardo