"Michael Ju. Tokarev" wrote: > 4.a. why current pam_unix uses "strange" method of "storing" password > afetr a user prompt? Here is a simplified code: > > pam_converse(..., &resp, ...); > pass = strdup(resp[0].resp); > pam_drop_reply(resp); I think this was intended (one late night) as a paranoia thing. The intention was to explicitly break the link between any dangling pointer reference in some state that the application (conversation function) might have, to the current location of the password. The reasoning being that it is easier to audit a module's use of a password if you know there are no other references to the memory it is stored in (outside the module and by extension the libc it uses for something like strdup()). That was the intention at least, hindsight and years later, it looks a little optimistic. Cheers Andrew
