tech-userlevel: Re: login.conf for selecting password verification method (was Re: Kerberos is on by default?)

Subject: Re: login.conf for selecting password verification method (was Re: Kerberos is on by default?)
To: None <tech-userlevel@netbsd.org>
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
List: tech-userlevel
Date: 07/03/2000 07:11:31

>>>>> "ek" == ek  <Jarom> writes:
    ek> trying to authenticate; the auth module program can also drop any
    ek> unnecessary permissions as needed. This means that the actual
    ek> program doing authentication (beeing it passwd, login or whatever)
    ek> doesn't need suid root for the authentication itself.

    ek> The advantage of PAM is merely that it's used more widely :)

  And, a BSDi auth program can be a wrapper around a PAM module, but not
the opposite.

] Planes have DC now, but not this one. Trains have more power. |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [