[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM questions (fwd)

Andrew Morgan:
> Sun's position (which necessarily seems to reflect that of all of the
> subscribed DCE "vendors" too) seems to be that it is most appropriate
> to leave the pausing to the application's discretion.
> It is not at all clear to me that this is the right thing to do.
> Perhaps someone out there can see why this would be best?

One reason: compatibility with other PAM implementations.  If you can
convince Sun to change their implementation (because ours is better),
I have no problem with this :-).

Maybe we just need a library function to read a value from a config
file (like Solaris /etc/default/login or shadow /etc/login.defs), and
use it to get the default delay, so that we don't need to repeat this
code in every application?  Shadow login does something like this:

	sleep(getdef_num("FAIL_DELAY", 3));

(getdef_num() reads the value from /etc/login.defs, 3 is the default
if not specified in the file).



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []