In message <Pine.NEB.4.05.9811241047210.1889-100000@duhnet.net>, Todd Vierling 
writes:
>/sbin/init is run when the only possible method of authentication is from
>system files (i.e. /etc/master.passwd).  That method, I've already stated,
>should be left in libc.

What makes it impossible for a system to have some more powerful method of
password-checking available on /?  Of course, given that login styles are
typically in /usr/libexec on BSD/OS...

-s