Subject: PAM & Re: BSD Authentication
To: None <current-users@NetBSD.org>
From: Chuck Yerkes <chuck+nbsd@2003.snew.com>
List: current-users
Date: 09/08/2003 18:26:06
Quoting Manuel Bouyer (bouyer@antioche.eu.org):
> On Mon, Sep 08, 2003 at 03:35:57PM -0400, Michael G. Schabert wrote:
> > The problem is that there's these camps that seem to think that
> > there's some sort of either-or issue here. The issue is NOT "choose
> > PAM or BSD Auth". There *IS*NO*OPTION*FOR*PAM* on the table at all.
> > NetBSD will *NEVER* have PAM, unless someone steps forward to
> > implement it. *NOWHERE* in this thread has a single person done that.
> > So PAM is absolutely, totally irrelevant in this discussion. Throw it
>
> It is relevant, as could other auth systems. The way BSD auth is implemented
> should not prevent others authentication systems from being integrated
> later, with a way for the user which one it wants to use.
Of course if we give it another month of talking, people's
fingers will be to tired to actually write code.
1) look at OpenBSD's efforts to do priv sep on everything
from openssh to portmap to syslog.
They start as root, get what they need as root (perhaps
bind to a port, whatnot) then become an unpriv'd user.
EG: _portmap or _syslog.
And trust me, openbsd people watch THESE lists and garner
good ideas. It's okay to take the best from each other.
2) This thread started with Peter Seebach missing BSD Auth from
his BSDi days and wanting it in NetBSD. I think he was offering
to do a bit of the work. OpenBSD has free code that does it.
WindRiver has BSDi's code and it's not free.
PAM was brought up by people (who I swear are agents of Microsoft)
purely for the purpose making this thread non-productive and unsearchable.
And peter's poor arms have been torn off and we are all being beaten
with them by people with the same sad go-nowhere areguments.
Been there, done that, got the T-Shirt.
(and heaven forfend that anybody on this list might CHANGE THE
SUBJECT LINE when they change the subject.)
I blame the nazi's on this list for their PAM fascism.
Mr Godwin, the floor is yours.