[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: porting PAM
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday, May 27, 2003, at 12:59 PM, Dries Schellekens wrote:
> There is no need to port PAM to OpenBSD, because OpenBSD uses the BSD
> Authentication framework (originally developed by BSDI).
On Thursday, May 8, 2003, at 09:45 PM, Theo de Raadt wrote:
> It appears obvious why you wrote this new version.
> You wanted to re-invent the wheel, making it slightly different, and
> in those slight differences cause people interoperabilty problems. I
> urge everyone out there to avoid using this version. Interoperability
> and simplicity can co-exist, and it is perfectly clear to me at least
> that multiple versions move against these two prime precepts.
> I'd love to believe that there are other reasons for writing
> incompatible software, besides the obvious fact that the result shown
> below DOES HAVE INCOMPATIBLITIES. But I can't think of any.
> And then some idiot will write code that depends on one of those
> incompatibilities. And then it will break on all other versions. I
> know! We should now add something that is incompatible with yours!
> Oh this all makes the world so much better!
> At least this time we know who to blame. Thanks for stepping
> forward. Therefore, I post this for the archives.....
Now of course Theo was talking about something other than PAM. But
it's true, BSD Auth is a reinvention of the wheel that causes people
interoperability problems. The lack of PAM and nsswitch continues to
keep OpenBSD in an infrastructure appliance role or standalone server
on most networks.
War is Terrorism with a Bigger Budget
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.2 (Darwin)
-----END PGP SIGNATURE-----