On Mon, 23 Nov 1998 18:36:56 -0500 (EST)  Todd Vierling wrote:

> I definitely consider getting root's crypted password compromising the
> integrity of the system.  _No_ process without root privileges should be
> able to get that. A BSD-Auth external program doesn't count; how does it
> verify securely that the process requesting root's pw should be allowed to
> get it?

Depending on the implementation, this could be where Jason's socket
credential stuff would fit in, no?

Simon