--Jtds+vpI57xq70EV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2005.08.24 17:39:34 +0000, John Nemeth wrote:
| On Jan 14,  8:01pm, Rui Paulo wrote:
| } On 2005.08.24 14:44:20 +0000, John Nemeth wrote:
| } |      That would be a significantly more complex patch.  If I get time,
| } | I may dig into login.c a little deeper and figure out how to do this.
| } | However, I wonder if it is worth it, considering that this will soon =
be
| } | legacy code?
| }=20
| } Why will it be soon "legacy code" ?
|=20
|      That might be a little strong.  However, consider that 3.0 will
| most likely be out sometime this year.  3.0 onwards will use PAM which
| does authentication completely differently.  Take a look in
| src/usr.bin/login.  There you will see login.c and login_pam.c.
| login.c handles tradational methods, i.e. 2.x and earlier (also, if you
| do a custom build without PAM).  login_pam.c handles PAM, i.e. 3.0 and
| onwards.

I see your point.

|      BTW, I see that you have a NetBSD.org address.  Could you commit
| these patches?  Or, is monkeying with security related stuff too far
| outside the areas that you normally work on?

Which patches? I still believe we need another way of handling this.
login.conf is an idea; anyone else wants to comment on that ?

		-- Rui Paulo

--Jtds+vpI57xq70EV
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (NetBSD)

iD8DBQFDDR0TZPqyxs9FH4QRAoU4AJ44bstqUbjxHeur7HwWYKl+09v05QCcCE6N
SCs6kFciZmYY5jSOwQmBquA=
=ufaC
-----END PGP SIGNATURE-----

--Jtds+vpI57xq70EV--