Linux Fedora Core 2: Password, Login, and Pam
Tomas Mraz
tmraz at redhat.com
Tue Dec 7 08:31:01 UTC 2004
> 1. Is there documentation on pam_tally available?
/usr/share/doc/pam-xxxx/txts/README.pam_tally
But as I've written you shouldn't use it anyway as it doesn't bring much
more security but it brings problems.
> 2. Is there an overarching security integration effort for Fedora
> (outside of selinux)? I mean so the graphical system tools such as the
> User app and login work the same as commands login, passwd, and su,
> etc., as far as password strength and longevity rules? Can I find the
> policy or plan written anywhere?
All apps (except specialized servers like Apache, cyrus-imap, ...)
should use pam as the authentication backend for system logins by
default so there should be one policy in use. Of course there are apps
with their own security sensitive informations protected by passwords
which don't use pam (Mozilla, mail clients) but they aren't used for
system logins.
--
Tomas Mraz <tmraz at redhat.com>
More information about the Pam-list
mailing list