Chad Walstrom wrote:
> We should make it abundantly clear in the documentation that use of
> PAM authentication should be thoroughly protected.  If such measures
> cannot be taken, don't enable PAM.

Additionally, we can't always assume that because something uses PAM,
it'll authentication against system accounts.  There are dbm modules,
ldap modules, etc. that can be used for account management.

-- 
Chad Walstrom <chewie@wookimus.net>           http://www.wookimus.net/
           assert(expired(knowledge)); /* core dump */