Buggy PAM modules can currently crash the server. See
MDEV-10361 for example. Should auth_pam isolate PAM modules somehow to prevent problems like this from taking down the whole server? Is it feasible for auth_pam to use sandboxes for PAM modules, or would that cripple performance and slow down authentication too much?