[Python-Dev] PEP 594: Removing dead batteries from the standard library

[Christian Heimes]

On 21/05/2019 12.19, Giampaolo Rodola' wrote:
> I find this one useful and would be a bit sad to see it go. FWIW I use it in pyftpdlib and I suppose there are other apps out there relying on UNIX password db for authentication. The fact that it’s a C module is also an incentive to leave it in the stdlib IMO (pure python modules can easily be copied in the project instead of retrieving them from PYPI as a third party dep - e.g. this is how I am likely going to replace asyncore/asynchat).

If you use the spwd module for authentication, then you have a major security problem in your application. You must use the PAM stack to authenticate access to a service.

Christian