Subject: Re: login.conf for selecting password verification method (was Re:
To: Jason R Thorpe <>
From: Greywolf <>
List: tech-userlevel
Date: 06/30/2000 17:03:27
On Fri, 30 Jun 2000, Jason R Thorpe wrote:

# On Sat, Jul 01, 2000 at 01:34:27AM +0200, Jaromír Doleček wrote:
#  > IIRC the advantage of BSDi auth modules - since it's separate
#  > program, you get the unixish "program does one thing and good" -
#  > the API the authentication module program has to follow is fairly
#  > simple and streighforward and the program doesn't need to worry
#  > about side effects, since it's separate from the program actually
#  > trying to authenticate; the auth module program can also drop any
#  > unnecessary permissions as needed. This means that the actual
#  > program doing authentication (beeing it passwd, login or whatever)
#  > doesn't need suid root for the authentication itself.
# Oh, this is actually quite nice -- it also means that all of the
# random programs don't have to support dynamic loading (doesn't work
# with statically-linked binaries).

Jason, I'm confused by this, because it looks as though you're saying
two different things.  (don't have to support dynamic loading + doesn't
work with statically linked-binaries ==  "mutually exclusive"?)

BSD: Two guys with a vax.