Previous Next Contents

6.4 The filter module

Synopsis

Module Name:

pam_filter

Author:

Andrew G. Morgan <morgan@parc.power.net>

Maintainer:

Author.

Management groups provided:

account; authentication; password; session

Cryptographically sensitive:

Not yet.

Security rating:

Clean code base:

This module compiles cleanly on Linux based systems.

System dependencies:

To function it requires filters to be installed on the system.

Network aware:

Overview of module

This module was written to offer a plug-in alternative to programs like ttysnoop (XXX - need a reference). Since writing a filter that performs this function has not occurred, it is currently only a toy. The single filter provided with the module simply transposes upper and lower case letters in the input and output streams. (This can be very annoying and is not kind to termcap based editors).

Account+Authentication+Password+Session components

Recognized arguments:

debug; new_term; non_term; runX

Description:

Each component of the module has the potential to invoke the desired filter. The filter is always execv(2)d with the privilege of the calling application and not that of the user. For this reason it cannot usually be killed by the user without closing their session.

The behavior of the module can be significantly altered by the arguments passed to it in the Linux-PAM configuration file:

Examples/suggested usage:

At the time of writing there is little real use to be made of this module. For fun you might try adding the following line to your login's configuration entries

#
# An example to see how to configure login to transpose upper and
# lower case letters once the user has logged in(!)
#
login   session  required       pam_filter.so \
                        run1 /usr/sbin/pam_filter/upperLOWER


Previous Next Contents