[ On Wednesday, September 25, 2002 at 16:29:08 (-0400), Jim Wise wrote: ]
> Subject: Re: PAM
>
> But that's just it -- even the base system includes a wide range of
> applications beyond /usr/bin/login which log users in in one way or
> another (think ssh, ftp, rsh, telnet for starters), and it is difficult
> to see rewriting all of them to fit exec-chaining into their logic.

and all of those but ftp should be using login.....

> >Bottom line - PAM isn't the only way to do it.
> 
> Certainly true, but it's a well defined, and already-existing (and
> standardized)  way of doing things which a lot of third-party software
> we want to provide already supports.

PAM is not standardized in any useful way and has as its main
requirement a feature which no open source environment even remotely
needs.  All the useful bits of open source PAM modules can be easily
given a new API that could be used in a truly well defined framework.

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>