On Mon, 23 Nov 1998, David Holland wrote:

: PAM has other problems though as a consequence. You'll find, for
: instance, that the process that opens the PAM session has to stick
: around to close it, because otherwise the shared library data segments
: holding the state go away. This interacts badly with, say, init/getty/
: login. In RedHat 4.0 login forked your shell instead of execing it;
: needless to say this broke a lot of stuff... 

Ah, auth state.

Crash recovery dictates that we should be able to deal with a process going
away for whatever reason, including an exec()'d shell.

Solaris's su and login don't fork a shell, they exec it just like we do.
And yet, they _do_ use PAM....

-- 
-- Todd Vierling (Personal tv@pobox.com; Bus. todd_vierling@xn.xerox.com)