Re: severe deficiencies in our PAM setup
On Fri, Sep 29, 2000 at 11:07:53PM -0300, Nicol?s Lichtmaier wrote:
> > > CPP syntax is a *very* well known preprocessor syntax, and it could give
> > > much flexibility not only in this case, but also in many other configuration
> > > files...
> > imho, m4 would be better if you want to do something like this. cpp has
> > a big problem for shell-type config files--it ain't real happy with # as
> > a comment character.
I am not implementing anything so complex. I am going to continue to
persue empty package files by default, a standard auth scheme, and a
simple configuration file with "security models" to choose from. I don't
want to take a chance of someones inability to understand the
configuration language to interfere with the security of their system.
Every person who wants to secure their system is not a security expert,
nor should they be.
Also remember that not every security expert is a multi-faceted language
expert and knows m4 and/or cpp. Hell, if m4 was so easy, sendmail would be
our default MTA. After all, if anyone wants to configure it, they should
be smart enough to understand or learn m4 right?
--
-----------=======-=-======-=========-----------=====------------=-=------
/ Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \
` bcollins@debian.org -- bcollins@openldap.org -- bcollins@linux.com '
`---=========------=======-------------=-=-----=-===-======-------=--=---'
Reply to: