Given a username and password, I need to check if there's a user on the local system with said username and password.
I'm aware of posix_getpwnam and using the PAM package, but both of these methods require that the PHP script have access to /etc/shadow. I'd rather not mess with permissions of system files or daemon users.
I imagine that this could be done either by messing with standard system commands such as sudo, or by writing my own small setuid C program. I could also try to connect to localhost via FTP or SSH with said username/password to validate it. Is there a simpler way?
I could also try to connect to localhost via FTP or SSH with said username/password to validate it.
That's what I did in the end (using PHP ssh2 extension). Local commands are also ran via the same connection, under the user's credentials.