[ale] RE: PAM delays

[Chris Fowler]

Nope that is not the only reason.  PAM is too big.  Too big
for embedded environments.

-----Original Message-----
From: Keith Hopkins [mailto:hne at hopnet.net]
To: ale at ale.org
Sent: Friday, April 05, 2002 6:52 PM
To: Chris Fowler
Cc: ale at ale.org
Subject: PAM delays


Chris Fowler wrote:
> You can do what I did.  Rewrite most of everything
> used.  That way you *know* what it is doing.
>
> I'll give you an example.  I removed sysVinit 2.58 and
> replaced it with mine.  I do not support run levels.  I
> do not need them.  I found a bug in a tty driver becuase my
> init would fire off jobs extremely fast. The tty driver could
> not handle the all the open()'s at nearly the same time.  I
> had to place a minor nanosleep in the fire() function.
>
> I hate PAM.  I can not stand miss typing my password and having to
> wait almost 2 seconds to get another login because PAM is
> cleaning itself up.
>

   Is that the only reason you hate PAM?  (I'll admit, there are other
reasons :-)  That delay is a secuiry feature.  It was "designed in" to
lengthen the time it would take war-dialers to crack your password.  It's
also configurable.  I've got the delay on my firewall set to about 10
seconds.

--
Lost in Tokyo,
   Keith
     Jack of All Trades, Anarchist





---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.