On Fri, 30 Jun 2000, Jason R Thorpe wrote:

# On Sat, Jul 01, 2000 at 01:34:27AM +0200, Jaromír Doleček wrote:
# 
#  > IIRC the advantage of BSDi auth modules - since it's separate
#  > program, you get the unixish "program does one thing and good" -
#  > the API the authentication module program has to follow is fairly
#  > simple and streighforward and the program doesn't need to worry
#  > about side effects, since it's separate from the program actually
#  > trying to authenticate; the auth module program can also drop any
#  > unnecessary permissions as needed. This means that the actual
#  > program doing authentication (beeing it passwd, login or whatever)
#  > doesn't need suid root for the authentication itself.
# 
# Oh, this is actually quite nice -- it also means that all of the
# random programs don't have to support dynamic loading (doesn't work
# with statically-linked binaries).

Jason, I'm confused by this, because it looks as though you're saying
two different things.  (don't have to support dynamic loading + doesn't
work with statically linked-binaries ==  "mutually exclusive"?)

				--*greywolf;
--
BSD: Two guys with a vax.