Subject: Re: PAM
To: None <>
From: Greg A. Woods <>
List: current-users
Date: 09/25/2002 20:09:13
[ On Wednesday, September 25, 2002 at 16:29:08 (-0400), Jim Wise wrote: ]
> Subject: Re: PAM
> But that's just it -- even the base system includes a wide range of
> applications beyond /usr/bin/login which log users in in one way or
> another (think ssh, ftp, rsh, telnet for starters), and it is difficult
> to see rewriting all of them to fit exec-chaining into their logic.

and all of those but ftp should be using login.....

> >Bottom line - PAM isn't the only way to do it.
> Certainly true, but it's a well defined, and already-existing (and
> standardized)  way of doing things which a lot of third-party software
> we want to provide already supports.

PAM is not standardized in any useful way and has as its main
requirement a feature which no open source environment even remotely
needs.  All the useful bits of open source PAM modules can be easily
given a new API that could be used in a truly well defined framework.

								Greg A. Woods

+1 416 218-0098;            <>;           <>
Planix, Inc. <>; VE3TCP; Secrets of the Weird <>