Re: NSS and PAM

From: Dag-Erling Smørgrav <des_at_des.no>
Date: Tue, 02 Dec 2003 00:24:05 +0100
Garrett Wollman <wollman_at_khavrinen.lcs.mit.edu> writes:
> <<On Mon, 01 Dec 2003 23:24:40 +0100, des_at_des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) said:
> > The problem is that the authentication information needs to be stored
> > somewhere, and the usual solution is to store it in the directory, 
> ...which is usually the worst possible place.  Please don't penalize
> those of us with sensible authentication systems.

You're the one trying to penalize other people.  A common framework
for directory and authentication services can of course store
authentication tokens separately from user information, but the
reverse isn't true.  You can't unilaterally decide to leave out
functionality that 90% of our users require just because you are in a
position to use (what you consider to be) a better solution.

DES
-- 
Dag-Erling Smørgrav - des_at_des.no
Received on Mon Dec 01 2003 - 14:24:25 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:32 UTC