Subject: Re: BSD Authentication
To: Dr R.S. Brooks <R.S.Brooks@liverpool.ac.uk>
From: Peter Seebach <seebs@plethora.net>
List: current-users
Date: 08/29/2003 11:31:54
In message <Pine.GSO.4.55.0308291053220.26043@fs7.liv.ac.uk>, "Dr R.S. Brooks" 
writes:
>No, that's the whole point of PAM.  No magic whatsoever in login (or
>sshd, ftpd, xdm etc if the sysadmin decides to allow such logins
>through those routes).  All the magic is contained in the PAM modules,
>and is turned on by the appropriate configuration in /etc/pam.conf.
>If you have a binary program which you have purchased from Foobar Inc
>and it uses PAM, then you will be able to make it behave in the same
>magic way with the correct entries in pam.conf.

Okay, I see; so, basically, the idea is that a PAM module doesn't just
authenticate you, it totally 0wnz you, scribbling whatever it wants wherever
it wants in your address space.

That said, there's *some* magic in login - it has to know to load the PAM
modules.

-s