[ On Thursday, January 23, 2003 at 22:54:49 (-0500), David Maxwell wrote: ]
> Subject: Re: integrating PAM
>
> There exist buggy PAM modules != PAM is bad.

Yes, but the number lines-of-code does give a good hint towards the
number of bugs that might be expected in it.

Large and complex code is bad, and doubly so when it has to run as root,
triply so if it also _requires_ dynamic loading of new object code.

The BSD Auth code is truly quite small and it's also quite readable and
the design is very elegant and clean.  It's bound to have fewer bugs
than an equally mature PAM implementation.

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>