[Fingerforce-devel] 0.4 release soon?
Daniel Drake
dsd at gentoo.org
Sun Nov 25 23:10:18 UTC 2007
Miguel Gea Milvaques wrote:
> About fvs, It was developed by Shivang Patel before 2004, and modified
> by Madhav Kulkarni, both out of USA, so there are no problems in
> exportations.
That does not matter. If you export it from the US to another country it
counts as an export, regardless of origin. If you believe that exporting
NBIS is a violation, then exporting FVS or any equivalent *is* a
violation too, please take my word for it.
> PD: About pam_fprint
> In wiki you talk about the limitations of pam_fprint:
>
> /" Reads enrolled fingerprints from users home directories. /
>
> * / It will only work when trying to authenticate your own user
> account (as you can read your own home directory), or in the
> system login prompt (which runs as root). /
> * / You cannot authenticate yourself as another user, since you
> don't have access to read that user's home directory."/
>
>
> I understand your problem and I've been working on it. My solution is to
> write a daemon that has root perms to read the fingerprint database, and
> authenticate then as different user if necessary; you have not be root
> to authenticate as different user. I have initial work on it, but I
> can't work on it till december or january. :/ If you want to get a sight
> on it, tell me. It's designed as modular thinking that one day I could
> found a good fvs substitute (like libfprint).
I believe the real solution to this is a dbus service which I will be
working on in future. A good interim solution may be to provide a suid
helper like pam_dotfile does.
Daniel
More information about the Fingerforce-devel
mailing list