Subject: Re: login.conf for selecting password verification method (was Re: Kerberos is on by default?)
To: None <email@example.com>
From: None <firstname.lastname@example.org>
Date: 07/01/2000 03:47:58
>I think in the short-term (i.e. in time for 1.5), we should change
>Heimdal's behavior to match MIT's wrt. krb5_init_context().
>For post-1.5, we should investigate adding the mechanisms to login.conf,
>possibly also supporting dynamically-loaded auth modules a'la PAM.
while i was chatting with a bsdi (not freebsd) guy, he showed a big
worry about dynamically-loaded auth module like PAM, for security
issues. is it not the case?