The KCheckPass authentication software: ----------------------------------------- KCheckPass is KDE's authentication program. It is meant to be used by any software in need of user authentication, most notably screensavers. It enhances security be the following means: - It's only a small program, which is hopefully simple enough to allow it to be SUID root. Setting it to SUID root is necessary on Shadow Password systems. - No other program in need of user authentication, must be SUID root. - It provides a single implementation to check passwords. So one only must take a closer look at KCheckPass to ensure password security. It's much easier for programs using KCheckPass to preserve security. Technique: ---------- KCheckPass is a simple password checker. Just invoke and send it the password on stdin. If the password was accepted, the program exits with 0; if it was rejected, it exits with 1. Any other exit code signals an error. Compilation hints: ------------------ Compile with -DHAVE_VSYSLOG if you have vsyslog(). Compile with -DHAVE_PAM if you have a PAM system, and link with -lpam -ldl (If libdl is present). Compile with -DHAVE_SHADOW if you have a shadow password system. Copyright, Author and License notice: ------------------------------------- Copyright (C) 1998, Caldera, Inc. Released under the GNU General Public License Olaf Kirch <okir@caldera.de> General Framework and PAM support Christian Esken <esken@kde.org> Shadow and /etc/passwd support Oswald Buddenhagen <ossi@kde.org> Binary conversation interface, etc. Some parts were taken from tdescreensaver's passwd.cpp Currently this software is maintained by Oswald Buddenhagen <ossi@kde.org>. Please send new authentication modules (checkpass_*.c) to me.