[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Including pam_faildelay module in PAM distribution



Hello!

Since long time I miss support for PAM's pam_fail_delay() function in common Linux applications. For instance, OpenSSH and SUDO don't support fail delay without special patches.

I discussed this problem already with the OpenSSH developers:

   http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=112166069618320&w=2

The PAM module pam_faildelay

   http://www.zip.com.au/~dtucker/patches/#pam_faildelay

solves the problem with Linux applications which do not have an own support for pam_fail_delay very elegant.

The only problem is, that the module pam_faildelay is difficult to find. Probably no common Linux distribution has it, see http://www.rpmseek.com/

Why we don't include the module pam_faildelay in the standard PAM distribution? This has some benefits:

   * users can find it easier since it's in their distribution
   * Linux distributors can configure the applications with fail delay
     be default
   * the module will be maintained
   * if more users and administrators use applications with fail delay
     support, security will be increased

What do you think?

Greetings,
Björn


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]