Rebranding...

[UnitedMarsupials-zz]

This is not a bug-report, but a suggestion. Though I myself found this project searching for pam_duress, this implementation is more general -- you allow the same account to login with different passwords depending on what the user wishes to happen upon login. This can indeed be used in a duress situation, but has other applications.

I would propose, you rebrand it as something like pam_multipassword. This may increase the module's general appeal (among the "but I have nothing to hide!" crowd) and make the very presence of the module on one's computer less suspicious to the "Big Brother".

I would also propose, you relicense it under a BSD or similar license -- to further help wide-spread adoption. For example, I intend to port your module to FreeBSD for individuals to add to their hosts, but -- as long as it remains GPL-licensed -- there is no chance of it making it into the base system.

[rafket]

Thank you for your interest and your suggestions! Bear in mind that this is a proof-of-concept implementation, as I don't think it's ready yet for actual use (for example I haven't tested yet for memory leaks, and I'm fairly certain that it has some). I did not expect anyone to find this. Once I find time to fix these issues, I will make sure to re-license, and maybe change its name.

By the way the paper on which this is based is here

[rafket]

First of all, I will not change it to pam_multipassword, because using multiple passwords is a serious vulnerability, and nobody should be encouraged to do it.

Secondly, the license will remain unchanged for now, I prefer the GPL license over the FreeBSD license. A port of this module is not a good idea, because I don't think that it's safe yet. Please understand that it is a proof-of-concept, and if you read the paper you will understand the possible vulnerabilities in the theoretical model.

[UnitedMarsupials-zz]

because using multiple passwords is a serious vulnerability

I'm sorry for being dense -- could you elaborate? Why is it a serious vulnerability? Yes, with each additional (poorly-chosen) password, it becomes easier to get in as the user, but if that's what they explicitly want (and their admin allows), then so be it...

and nobody should be encouraged to do it.

Not encouraged, but allowed -- provide mechanism, not policy?

I prefer the GPL license over the FreeBSD license

This would prevent commercial adoption... If I end up liking it enough, I may have to do a "clean room" reimplementation -- would much rather not duplicate efforts :-(

A port of this module is not a good idea, because I don't think that it's safe yet.

Hey, no one is going to be forced to install it, but those, who want -- caveats and all -- will have an easier time doing it.