6Pluggable Authentication Modules (PAM)

Whenever you want to gain access to a service on a Solaris system, you must provide some credentials that prove you are who you say you are. These credentials can be a user name/password combination, a fingerprint, a token card, a one-time password, or some form of a cryptographic token that only you can possess. Ideally, system administrators, not programmers, define what sort of authentication is needed for each service.

Before the Solaris OS introduced the concept of Pluggable Authentication Modules (PAM), every service hard-coded its access control mechanism. To enforce onetime passwords for the FTP service, for example, an administrator had to change the code of the FTP service. With the introduction ...

Get Solaris™ 10 Security Essentials now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.