Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander Skwar wrote: It's standard already, I guess. No, it isn't. Why do you think so? - -- Arturo Buanzo Busleiman - www.buanzo.com.ar Consultor en Seguridad Informatica / Dominio Digital TV - Da FOSS man! KTP Consultores - info AT ktpconsultores.com.ar Romper un sistema de seguridad los acerca tanto a ser hackers como el encender autos puenteando los convierte en ingenieros automotrices. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDgHN7AlpOsGhXcE0RAp9IAJ4nv4rIYWIM3EpWH+RJzEoWniucQACaAonr DSvh/IzgNnTpnDvPYcuYIQI= =0dT+ -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
Arturo 'Buanzo' Busleiman schrieb: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander Skwar wrote: It's standard already, I guess. No, it isn't. Why do you think so? Standard is something, for which you don't need additional software. For PAM, you need additional software, as PAM is already additional software. -- Alexander Skwar -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander Skwar wrote: Standard is something, for which you don't need additional software. For PAM, you need additional software, as PAM is already additional software. ? - -- Arturo Buanzo Busleiman - www.buanzo.com.ar Consultor en Seguridad Informatica / Dominio Digital TV - Da FOSS man! KTP Consultores - info AT ktpconsultores.com.ar Romper un sistema de seguridad los acerca tanto a ser hackers como el encender autos puenteando los convierte en ingenieros automotrices. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDgHkSAlpOsGhXcE0RAnq8AJ9aMKWkTqhRlupPxfUH4CU/urB2hQCfW/PL 075hxRWjXrPXtBohthnCEAs= =Opn7 -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
Arturo 'Buanzo' Busleiman schrieb: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander Skwar wrote: Standard is something, for which you don't need additional software. For PAM, you need additional software, as PAM is already additional software. ? Optional things aren't standard. They are optional. PAM is optional. You don't need it - at least not for basic setups. -- Alexander Skwar -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander Skwar wrote: Optional things aren't standard. They are optional. PAM is optional. You don't need it - at least not for basic setups. It is NOW optional. I'm sure this will change, that's why I recommend to try it now that there is time to still enhance it LOTS. - -- Arturo Buanzo Busleiman - www.buanzo.com.ar Consultor en Seguridad Informatica / Dominio Digital TV - Da FOSS man! KTP Consultores - info AT ktpconsultores.com.ar Romper un sistema de seguridad los acerca tanto a ser hackers como el encender autos puenteando los convierte en ingenieros automotrices. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDgH70AlpOsGhXcE0RAnVTAJ0a4TaNnhpGIR/5GfcObkXw+m2kGgCePUys dmraL474EHQWFYK/JYzcn34= =khHS -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
Arturo 'Buanzo' Busleiman schrieb: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander Skwar wrote: Optional things aren't standard. They are optional. PAM is optional. You don't need it - at least not for basic setups. It is NOW optional. I'm sure this will change, Well, I'm sure it won't. On low end embedded systems, you just don't need it. And when discussing base requirements, it should be made sure that even the low end is still supported. Also on normally sized systems, there just is no requirement for it - as long as the requirements are simple enough (eg. LDAP? Go PAM! Database? Go PAM!). But on consumer systems, and that's what we're talking about!, you won't need PAM. Not now, not in the future. Alexander Skwar -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexander Skwar wrote: Also on normally sized systems, there just is no requirement for it - as long as the requirements are simple enough (eg. LDAP? Go PAM! Database? Go PAM!). But on consumer systems, and that's what we're talking about!, you won't need PAM. Not now, not in the future. Let's settle this here, then. We've both provided enough arguments, both pro and against our points of view :) Nice discussion, anyway! - -- Arturo Buanzo Busleiman - www.buanzo.com.ar Consultor en Seguridad Informatica / Dominio Digital TV - Da FOSS man! KTP Consultores - info AT ktpconsultores.com.ar Romper un sistema de seguridad los acerca tanto a ser hackers como el encender autos puenteando los convierte en ingenieros automotrices. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDgI9DAlpOsGhXcE0RAkNtAJ41K7mlxQcJ3QDxE/zNwM1LqfuergCeKl4Y 6ZPV6ZtTIP2H45O2NViiyzs= =b1R6 -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
On Sunday 20 November 2005 14:49, Arturo 'Buanzo' Busleiman wrote: Alexander Skwar wrote: Optional things aren't standard. They are optional. PAM is optional. You don't need it - at least not for basic setups. It is NOW optional. I'm sure this will change, that's why I recommend to try it now that there is time to still enhance it LOTS. well, pam is buggy (ever logged out because of a X crash and not able to play any sounds anymore? That was pam) pam has a long history of security problems pam is not easy to configure and error prone. every added layer adds to the risks. All that I read said, that pam was a temporary solution some years ago - and that the chances are big that it will fade into obscurity in the next ones. For single-user setups it is as needed as a wart. I am angry with myself, that I installed it, without thinking. Learning? Where? And why? Most setups don't need it. And the ones that need some more complex authentification, can get it in other ways. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] regarding PAM [WAS: root password gremlin]
On Sunday 20 November 2005 15:24, Hemmann, Volker Armin wrote: On Sunday 20 November 2005 14:49, Arturo 'Buanzo' Busleiman wrote: Alexander Skwar wrote: Optional things aren't standard. They are optional. PAM is optional. You don't need it - at least not for basic setups. It is NOW optional. I'm sure this will change, that's why I recommend to try it now that there is time to still enhance it LOTS. well, pam is buggy (ever logged out because of a X crash and not able to play any sounds anymore? That was pam) pam has a long history of security problems pam is not easy to configure and error prone. every added layer adds to the risks. All that I read said, that pam was a temporary solution some years ago - and that the chances are big that it will fade into obscurity in the next ones. For single-user setups it is as needed as a wart. Bingo... I manage a herd of laptops... well... I'm done from 100 to 22... but PAM isn't on a single one of them and life hasn't been happier. :') I am angry with myself, that I installed it, without thinking. Learning? Where? And why? Most setups don't need it. And the ones that need some more complex authentification, can get it in other ways. -- ** Registered Linux User Number 185956 FSF Associate Member number 2340 since 05/20/2004 Join me in chat at #linux-users on irc.freenode.net Buy an Xbox for $149.00, run linux on it and Microsoft loses $150.00! 12:51pm up 63 days, 4:16, 3 users, load average: 3.12, 3.06, 3.01 -- gentoo-user@gentoo.org mailing list
