From owner-freebsd-hackers Mon Oct 20 19:50:15 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id TAA11476 for hackers-outgoing; Mon, 20 Oct 1997 19:50:15 -0700 (PDT) (envelope-from owner-freebsd-hackers) Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.5.85]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id TAA11422 for ; Mon, 20 Oct 1997 19:49:46 -0700 (PDT) (envelope-from tlambert@usr05.primenet.com) Received: (from daemon@localhost) by smtp04.primenet.com (8.8.7/8.8.7) id LAA15928; Mon, 20 Oct 1997 11:27:24 -0700 (MST) Received: from usr05.primenet.com(206.165.6.205) via SMTP by smtp04.primenet.com, id smtpd015926; Mon Oct 20 11:27:23 1997 Received: (from tlambert@localhost) by usr05.primenet.com (8.8.5/8.8.5) id LAA09252; Mon, 20 Oct 1997 11:27:21 -0700 (MST) From: Terry Lambert Message-Id: <199710201827.LAA09252@usr05.primenet.com> Subject: Re: FreeBSD authentication... To: dec@phoenix.its.rpi.edu (David E. Cross) Date: Mon, 20 Oct 1997 18:27:21 +0000 (GMT) Cc: freebsd-hackers@FreeBSD.ORG In-Reply-To: from "David E. Cross" at Oct 18, 97 10:29:58 am X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Is there any interest (should there be) to mooving to Pluggabl > Authentication Modules. (Since they are implimented as shared libraries, > that you link in as needed, would we need to rewrite ld.so a bit to ensure > that people couldn't set their LD_LIBRARY_PATH, and then run su to get > full root acces, sans password?) Have you located a PAM implementation (not necessarily modules, but the framework itself) which is under UCB copyright instead of GPL? User authentication is a system critical function, like the kernel; it's unlikely that PAM would be any more acceptable than a GPL'ed driver if it's critical to system operation. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.