In message <200509200044.j8K0ieF0015596@vtn1.victoria.tc.ca>, John Nemeth write
s:
>     This would essentially require maintaining N different
>authentication systems since on a "traditional UNIX box", every
>application handled authentication itself.  This simply isn't going to
>happen (not speaking for NetBSD, etc.).  This is one of the problems
>that PAM is designed to fix.

The core system applications had a standard API (getpwent, et al.) for 
this...

>     Besides, exactly what is the right thing to do when a security
>subsystem fails?  Apparently, you would like the application to read
>/etc/passwd.  Many would say that the system should fail closed.  What
>happens if accounts aren't recorded in /etc/passwd?

Then there's no accounts, and it fails closed.

>     Question:  what would happen on a BSD Auth based system if the
>Auth configuration files were missing?  Would it just guess at what to
>do, or would it abort?

In the absence of login.conf (the only configuration file it uses), I think
the system may default to login_passwd.

The comparatively simple configuration is sort of a plus.  :)

>} And remember, an NFS filesystem mounted without nosuid can save your life.

>     So can /rescue.

Not useful in this case.  The question is "how do I get this machine cleanly
shut down so I can boot single-user" or otherwise "how can I get sysadmin
privileges".  Tragically, my notion of /rescue/rootshell has never gone over
well.  :p

-s