Subject: Re: login.conf for selecting password verification method (was Re: Kerberos is on by default?)
To: None <>
From: Michael Richardson <>
List: tech-userlevel
Date: 07/03/2000 07:11:31
>>>>> "ek" == ek  <Jarom> writes:
    ek> trying to authenticate; the auth module program can also drop any
    ek> unnecessary permissions as needed. This means that the actual
    ek> program doing authentication (beeing it passwd, login or whatever)
    ek> doesn't need suid root for the authentication itself.

    ek> The advantage of PAM is merely that it's used more widely :)

  And, a BSDi auth program can be a wrapper around a PAM module, but not
the opposite.

] Planes have DC now, but not this one. Trains have more power. |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [