Subject: Re: login.conf for selecting password verification method (was Re: Kerberos is on by default?)
To: None <tech-userlevel@netbsd.org>
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
List: tech-userlevel
Date: 07/03/2000 07:11:31
>>>>> "ek" == ek <Jarom> writes:
ek> trying to authenticate; the auth module program can also drop any
ek> unnecessary permissions as needed. This means that the actual
ek> program doing authentication (beeing it passwd, login or whatever)
ek> doesn't need suid root for the authentication itself.
ek> The advantage of PAM is merely that it's used more widely :)
And, a BSDi auth program can be a wrapper around a PAM module, but not
the opposite.
] Planes have DC now, but not this one. Trains have more power. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [