On Wed, 17 Mar 1999 seebs@plethora.net wrote:

# Hmm.  How would you specify authentication methods?  It would seem only
# reasonable to use 'login.conf' for them, at which point, the provided
# model does authentication. 

	The same way FreeBSD did it, in PAM. 

# I'm uncomfortable with doing PAM unless someone can show me how a
# non-suid program can do authentication that requires suid using it.

	It's absolutely trivial.  In PAM, you're just calling a function
out of a shared object.  That shared object can execute a suid program,
exchange some information with it, and validate the user based on the
results.

--
SA, beyond.com           My girlfriend asked me which one I like better.
pub  1024/3CAE01D5 1994/11/03 Dustin Sallings <dustin@spy.net>
|    Key fingerprint =  87 02 57 08 02 D0 DA D6  C8 0F 3E 65 51 98 D8 BE 
L_______________________ I hope the answer won't upset her. ____________