[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

*security* of PAMs



I'm strongly considering jumping over to PAM's, but I hesitate.  I
know that one of the primary missions of PAM development is security,
but I'm not comfortable with it yet.

My discomfort arises from the lack of experience `the world' has had
with these modules.  I know that they are designed by security-aware
programmers, and they are trying to take everything into account, but
no software is written with the intent on being intentionally
insecure...

My question is not in the programmers' abilities, but in the overall
performance and security of the modules.  Is there any kind of
reassurance or any test-results that indicate it's ability to
withstand attacks?

In addition to the people implementing it, is anybody working on
*breaking* it?  (Better now than when it's being depended on.)

Thanks.

-wfe

--
      __
     / /\
    / /  \  William Evans
   / / /\ \  wfe01@gnofn.org
  / / /\ \ \  
 / /_/__\ \ \  New Orleans
/________\ \ \  Louisiana
\___________\/



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []