In message <199811231543.KAA01322@grosse.fugue.com>, Ted Lemon writes:
>My experience trying to use it was that it was very complicated to
>configure, and easy to misconfigure.  I didn't actually look at the
>underlying code - for all I know (actually, I think this is likely)
>it's quite clean.

Hmm.  I've had no trouble with it; it may have changed.  Certainly, the
documentation improved dramatically between 3.0 and 4.0.

One of the advantages of BSD Auth is that a non-setuid program can do
authentication checks that require setuid, because the authentication program
can be setuid.  I don't think PAM can do this.  This might be a plus for,
e.g., screen savers.

-s