[bug-inetutils] Ftpd is Linux-PAM only.

[Mats Erik Andersson]

Dear all,

to my disappointment I observe that the present "ftpd/pam.c"
is strongly dependent on Linux-PAM, in fact is properly
working if and only if "pam_ftp.so" by Andrew G. Morgan is
deployed and used. This in turn depends on the macros
PAM_INCOMPLETE and PAM_CONV_AGAIN which only exist in
Lainux-PAM and which are taken from an Openpam Group
draft no. 8, by the very same A. G. Morgan. Exactly the
same code base is in use by the Debian package "linux-ftpd",
so it was clearly copied lazily into GNU Inetutils.

The absence of "pam_ftp.so" will, due to the coding of separate
calls pam_user() and pam_pass() from "ftpd/ftpd.c", make it
impossible for non-anonymous user to get access to the FTP daemon.

It is very disturbing to have this very non-portable code,
so I would like your view on the following suggestion:

  * Protect the present PAM code by a configuration setting,
    only invoking it on systems with Linux-PAM. Probably
    all Glibc architectures.

  * Develop a new PAM integration for "ftpd" that is usable on
    BSD systems, i.e., FreeBSD, NetBSD, DragonFlyBSD, and on Solaris.

Best regards,
  Mats E A