On 8/5/05, Jeremy Huntwork <[EMAIL PROTECTED]> wrote: > Randy McMurchy wrote: > > Hi all, > > Is it a common enough (ie, several mainstream distros include it by > default) package to mandate that every LFS user build and install it? > Are there any disadvantages to including it in the LFS book? >
Yes, extrememly common - not only Linux but other UNIX vendors provide dictionary checking of passwords these days. Of course, they also include PAM as well, but we aren't discussing that. Probably the best method for deciding the utility of a package change in base LFS is the method you mention - what are the pros and cons? Pro(s): Increases the default security of the base LFS distribution. This is where we ask the user to *set* the root passwd, so probably the best place to include the capability of dictionary checking. Shadow is one of the few base LFS packages that BLFS touches, so it would be benefical to move that to LFS, so that BLS implementations have less rick of breaking the main system. Con(s): It's more management overhead (admittedly minor) More disk space usage Any one have any others? Oh, and +1 from me for inclusion of cracklib in LFS (but NOT Linux_PAM!) -- - Steve Crosby -- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
