Date: Thu, 19 Nov 1998 01:12:29 -0800 From: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> To: Keith Stevenson <k.stevenson@louisville.edu> Cc: freebsd-security@FreeBSD.ORG Subject: Re: PAM on FreeBSD (was Would this make FreeBSD more secure?) Message-ID: <5395.911466749@zippy.cdrom.com> In-Reply-To: Your message of "Wed, 18 Nov 1998 17:15:22 EST." <19981118171522.A2654@homer.louisville.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> I suffered through PAM on a RedHat Linux box. The combination of flaky > Linuxisms, PAM, and the SYSV-style init drove me to FreeBSD. I've been very Please don't confuse a bad implementation with a fundamentally bad design. We've taken none of the modules from Linux (which even many linux folks will agree suck) and we certainly haven't changed init. All we've done is provide a much, much easier mechanism for adding a new authentication type to a wide range of tools without having to go patch each and every tool separately, as we do now. That's just a kludge, and the fundamental idea of making an "authentication chain" which works generically for any tool which requires flexible authentication is a fundamentally good idea. Just because somebody tripped over their dick and went face-first to the pavement on an earlier implementation of a useful and somewhat obvious idea like PAM by no means discredits the entire concept. I also trust John Polstra's work a lot more than any 10 people I could name. If somebody paid him to do this work, he did it right. How about giving it a chance before passing any early verdicts? - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5395.911466749>