Turbo Fredriksson wrote: > True, but it's the easiest and least intrusive way.
It's not easiest for us because we don't run just Linux anymore here. It's not least intrusive either, look at the amount of code that went into them, and their security history. The problem is there are no alternatives available. Someone has suggested modifiying ldapdns to serve hesiod records. Kludgy, but still probably more portable and simpler than PAM and NSS.
