[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Bright idea...

From: "Michael K. Johnson" <johnsonm redhat com>
To: pam-list redhat com
Subject: Bright idea...
Date: Mon, 24 Jun 1996 12:16:30 -0400

What does everyone think of an auth module which simply delays for an
amount of time determined by an option to the module?

I'm thinking of rexecd.  I'm told that some people consider it a security
hole because it allows faster password checking than most other system
entry points.  A line like this:

rexec   auth     optional       /usr/lib/security/pam_delay.so  200ms

would eliminate the problem, and make the whole thing configurable by
the system administrator.  That could be useful in a lot of other
paranoid sitations, too...

Andrew, is that something you could code in ten seconds with your
eyes tied behind your back?  :-)

If no one else does it, I'll probably eventually get to it, but it
might take a while because I'm currently pamifying apps.

michaelkjohnson

"Ever wonder why the SAME PEOPLE make up ALL the conspiracy theories?"

Follow-Ups:
- Re: Bright idea...
  - From: Aleph One <aleph1@dfw.net>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []