[ On , July 4, 2000 at 10:47:04 (+0200), Johan Danielsson wrote: ]
> Subject: Re: login.conf for selecting password verification method (was Re: Kerberos is on by default?)
>
> woods@weird.com (Greg A. Woods) writes:
> 
> > It's also important to note that PAM offers almost no useful
> > functionality when you already have source for everything.....
> 
> By the same logic, nothing offers useful functionality in free
> software environments.

No, that's not true and is not an extension of the same logic....

As I understand it the primary purpose of PAM is to allow addition of
new authentication mechanisms to binary-only systems.  This is not
necessary in an environment where not only do you have full source in an
easy-to-build and modify form, but you also already have full source to
most of the authentication mechanisms you could need or want.

I would say that both Linux and Solaris mostly qualify as binary-only
systems, but NetBSD does not.  What's most interesting in this is that
BSDi, despite being offered as a mostly binary-only product does not use
PAM, reportedly because of the risks inherent in its design....

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>