Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: replace PAM with BSD Auth (was: slow su? [solved])



On Thu, Aug 18, 2011 at 05:28:02PM -0700, Greg A. Woods wrote:
 > > > My opinion remains that PAM ought to go, but that's not trivial...
 > > 
 > > And replace it with what?
 > 
 > PAM could be replaced with BSD Auth, as was discussed long ago.

bsdauth doesn't support the same authentication module interface (or,
AIUI, anything close to it) so it won't do. There are some PAM modules
in pkgsrc, for example, and other third-party ones that aren't but
that someone probably uses.

Also, as far as I know bsdauth doesn't fix the fundamental structural
problem that login should be *unprivileged* until a login occurs...

-- 
David A. Holland
dholland%netbsd.org@localhost


Home | Main Index | Thread Index | Old Index