On Mon, 23 Nov 1998, Ted Lemon wrote:

: > While I agree that we should pick one as the one we use (and it needn't
: > be either of PAM or BSD/OS), I think that either way, there may be some
: > value to writing the crossover module.  login_pam would be a pretty trivial
: > program, I'd expect.
: 
: Can you explicitly state what the value of a crossover would be?

Given that I've already stated that BSD-Auth, from seebs's minor
description, probably can't offer all of the features implemented by PAM,
this type of crossover is probably not possible without doing a half-bsdauth
half-extra-code solution.

I am running on the assumption that bsdauth contains *one* main function: an
affirmative/negative response to the question "will you authenticate this
user for a login session with these credentials?".  If this assumption is
wrong, would someone please stand up and explain the BSD Auth system in a
little more technical detail?

However, a pam_bsdauth.so would, in this case, be an easy addition for
compatibility's sake; the shared object stub would likely not consist of
much code.

And while we're talking about shared objects:

I believe PAM-in-static-binary thing is a red herring.  Can someone mention
a practical use for statically linking a program requiring authentication?  
Such programs typically sit with setuid or otherwise extra privileges, and
aren't statically linked (...and hence gain bugfixes in a replaced shared
libc).

-- 
-- Todd Vierling (Personal tv@pobox.com; Bus. todd_vierling@xn.xerox.com)