Re: porting PAM

[Chris Hedemark <chris@yonderway.com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Tuesday, May 27, 2003, at 12:59 PM, Dries Schellekens wrote:

> There is no need to port PAM to OpenBSD, because OpenBSD uses the BSD
> Authentication framework (originally developed by BSDI).


On Thursday, May 8, 2003, at 09:45 PM, Theo de Raadt wrote:

> It appears obvious why you wrote this new version.
>
> You wanted to re-invent the wheel, making it slightly different, and
> in those slight differences cause people interoperabilty problems.  I
> urge everyone out there to avoid using this version.  Interoperability
> and simplicity can co-exist, and it is perfectly clear to me at least
> that multiple versions move against these two prime precepts.
>
> I'd love to believe that there are other reasons for writing
> incompatible software, besides the obvious fact that the result shown
> below DOES HAVE INCOMPATIBLITIES.  But I can't think of any.
>
> And then some idiot will write code that depends on one of those
> incompatibilities.  And then it will break on all other versions.  I
> know!  We should now add something that is incompatible with yours!
> Oh this all makes the world so much better!
>
> At least this time we know who to blame.  Thanks for stepping
> forward.  Therefore, I post this for the archives.....

Now of course Theo was talking about something other than PAM.  But 
it's true, BSD Auth is a reinvention of the wheel that causes people 
interoperability problems.  The lack of PAM and nsswitch continues to 
keep OpenBSD in an infrastructure appliance role or standalone server 
on most networks.

- --
War is Terrorism with a Bigger Budget
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.2 (Darwin)

iEYEARECAAYFAj7UwFgACgkQYPuF4Zq9lvYPtgCg8PswWNlNZEYgUOlTL2/vAv8M
/LMAoN+1xa0sr7JZgD9fOrtQgEEc967G
=pKth
-----END PGP SIGNATURE-----