From owner-freebsd-current  Thu Feb 17 21:46:24 2000
Delivered-To: freebsd-current@freebsd.org
Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.133])
	by hub.freebsd.org (Postfix) with ESMTP
	id CB1D937B971; Thu, 17 Feb 2000 21:46:16 -0800 (PST)
	(envelope-from mark@grondar.za)
Received: from grondar.za (localhost [127.0.0.1])
	by gratis.grondar.za (8.9.3/8.9.3) with ESMTP id HAA25779;
	Fri, 18 Feb 2000 07:46:11 +0200 (SAST)
	(envelope-from mark@grondar.za)
Message-Id: <200002180546.HAA25779@gratis.grondar.za>
To: current@freebsd.org
Cc: committers@freebsd.org
Subject: Re: Crypto progress! (And a Biiiig TODO list) 
References: <200002180127.UAA83711@khavrinen.lcs.mit.edu> 
In-Reply-To: <200002180127.UAA83711@khavrinen.lcs.mit.edu> ; from Garrett Wollman <wollman@khavrinen.lcs.mit.edu>  "Thu, 17 Feb 2000 20:27:23 EST."
Date: Fri, 18 Feb 2000 07:46:11 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> I'm very uncomfortable with requiring Yet Another Daemon to manage
> (and screw up) password checking.  Generally speaking, if I wouldn't
> trust a program with root privileges, I wouldn't trust it with my
> password, either (for obvious reasons).

If "all those" suid programs could be "de-suid'ed", and replaced with
a simple "does this username/password pair check out?" daemon/module,
would that make you happier?

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message