Hi Adam, On Tue, 15 Apr 1997, Adam Slattery wrote: > The main goal of the module is to provide a great deal of flexibility. The > primary selling point is that a wide range of cryptographic algorithms can > be used (currently 3, this will increase significantly when other people > submit algorithm modules or I adapt a few more algorithms). Currently there > is support for md5, des, and vcblowfish (formerly known as glibfish). I'm personally of the opinion that supporting multiple algorithms is an advantage, because it opens up the possibility of gaining mindshare with administrators of other operating systems for whom backwards-compatibility with alternative 'secure' password hashes is a prerequisite. > ELITE EXTRAS: > Fully compatible with modules such as cracklib. It is more flexible than > pam_unix in that you can specify where the passwd file is, which is very > useful if you don't want to use system accounts for a given service (this > could be used with vsftp to create ftp user accounts without creating any > system accounts). Does the ability to specify alternate locations for the password file come at the expense of being able to use the system getpwnam() call (and therefore make use of other NSS backends), or have you balanced both of these requirements in a single module? Regards, Steve Langasek postmodern programmer
