In message <199811242306.SAA09267@grosse.fugue.com>, Ted Lemon writes:
>I like the idea of being able to specify different user limits for
>different users, although I'm not convinced that this is the right way
>to do it - this seems to be confusing authorization and
>authentication, which are really two seperate functions. 

I may not have made this adequately clear:  login.cap is really fundementally
a separate issue - they just happen to share a couple of source modules, since
one of the many capabilities specified in 'login.conf' is "authorization
method".

I would say that, whether we use PAM or BSD Authentication or some custom
new brilliantly designed and elegant NetBSD-specific solution, 'login.conf'
is a very good example of The Right Way To Do Things.  I always thought
login classes should be good for something...

(I assume that the reason it also does authentication is partially that it is,
after all, configuration info for 'login', and partially that you might want
a user who can ftp but not telnet into a system, thus, it's really a feature
of a login class.)

-s