This function is experimental and may be modified or removed in a future release without prior warning.
The
openpam_get_feature()
function stores the current state of the
specified feature in the variable pointed to by its
onoff
argument.
The following features are recognized:
OPENPAM_RESTRICT_SERVICE_NAME
|
|
Disallow path separators in service names.
This feature is enabled by default.
Disabling it allows the application to specify the path to
the desired policy file directly.
|
OPENPAM_VERIFY_POLICY_FILE
|
|
Verify the ownership and permissions of the policy file
and the path leading up to it.
This feature is enabled by default.
|
OPENPAM_RESTRICT_MODULE_NAME
|
|
Disallow path separators in module names.
This feature is disabled by default.
Enabling it prevents the use of modules in non-standard
locations.
|
OPENPAM_VERIFY_MODULE_FILE
|
|
Verify the ownership and permissions of each loadable
module and the path leading up to it.
This feature is enabled by default.
|