Subject: Re: PAM
To: None <firstname.lastname@example.org>
From: Greg A. Woods <email@example.com>
Date: 09/25/2002 20:09:13
[ On Wednesday, September 25, 2002 at 16:29:08 (-0400), Jim Wise wrote: ]
> Subject: Re: PAM
> But that's just it -- even the base system includes a wide range of
> applications beyond /usr/bin/login which log users in in one way or
> another (think ssh, ftp, rsh, telnet for starters), and it is difficult
> to see rewriting all of them to fit exec-chaining into their logic.
and all of those but ftp should be using login.....
> >Bottom line - PAM isn't the only way to do it.
> Certainly true, but it's a well defined, and already-existing (and
> standardized) way of doing things which a lot of third-party software
> we want to provide already supports.
PAM is not standardized in any useful way and has as its main
requirement a feature which no open source environment even remotely
needs. All the useful bits of open source PAM modules can be easily
given a new API that could be used in a truly well defined framework.
Greg A. Woods
+1 416 218-0098; <firstname.lastname@example.org>; <email@example.com>
Planix, Inc. <firstname.lastname@example.org>; VE3TCP; Secrets of the Weird <email@example.com>