In message <Pine.GSO.4.55.0308291053220.26043@fs7.liv.ac.uk>, "Dr R.S. Brooks" 
writes:
>No, that's the whole point of PAM.  No magic whatsoever in login (or
>sshd, ftpd, xdm etc if the sysadmin decides to allow such logins
>through those routes).  All the magic is contained in the PAM modules,
>and is turned on by the appropriate configuration in /etc/pam.conf.
>If you have a binary program which you have purchased from Foobar Inc
>and it uses PAM, then you will be able to make it behave in the same
>magic way with the correct entries in pam.conf.

Okay, I see; so, basically, the idea is that a PAM module doesn't just
authenticate you, it totally 0wnz you, scribbling whatever it wants wherever
it wants in your address space.

That said, there's *some* magic in login - it has to know to load the PAM
modules.

-s