Subject: Re: integrating PAM
To: David Maxwell <>
From: Greywolf <>
List: current-users
Date: 01/27/2003 15:07:15
[two DMs here - this is going to be tricky.]

On Mon, 27 Jan 2003, David Maxwell wrote:

[Dan: We're not only talking about libraries here. We're talking about
[Dan: unnecessarily complex frameworks and APIs. PAM is built around shared
[Dan: libraries as modules, checkpassword and BSD Auth is built around the process
[Dan: model.

[David: Okay, you've stated a point about the difference between the two. I
[David: don't see any explanation of why (in this context) a three process team
[David: with pipes is simpler (or better) than a function call into a shared
[David: library.

*sigh* I think part of the problem which keeps coming up is that PAM
inherently depends on shared libraries -- specifically dynamic loading
capability -- for module loading.  This is, I believe, specified in
the API.  It is arguable from now until the Apocalypse as to whether
or not this is a Good Idea, and why (not).

NetBSD: Rock solid!