I've got my app talking happily to PAM, but one of the things I'd like to do in the interests of security is for my software to drop all root priviledges as soon as it has authenticated the user. However, it appears that there is no direct method to find out what the user's localhost UID is unless you know for sure what type of local authentication is used- which sort of defeats the whole point of PAM. I've seen some of the discussion regarding NT domain logon information, and Kerberos credentials, but I don't recall seeing anything relating to something a little more general. Is there any method by which PAM can or does hand back UID/GID/user's "full name", home directory, etc to the app? If not, is there any system similar to PAM that can provide this information in much the same way PAM can speak to just about any type of authentication system? -kgd -- Money is overrated.
