Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Originally posted by Matir Tinkster: What is the reason it's not included? Do you know?
I personally like PAM quite a bit. :)
Slackware 9.1 ChangeLog.txt entry dated
Tue Sep 23 21:57:32 PDT 2003
In record time, this is Slackware 9.1 release candidate 2. :-)
gnome/gal2-1.99.10-i486-1.tgz: Upgraded to gal-1.99.10.
gnome/gdm-126.96.36.199-i486-1.tgz: Upgraded to gdm-188.8.131.52.
gnome/gnome-applets-2.4.1-i486-1.tgz: Upgraded to gnome-applets-2.4.1.
n/openssh-3.7.1p2-i486-1.tgz: Upgraded to openssh-3.7.1p2.
This fixes security problems with PAM authentication. It also includes
several code cleanups from Solar Designer. Slackware does not use PAM and is
not vulnerable to any of the fixed problems.
Please indulge me for this brief aside (as requests for PAM are on the rise):
If you see a security problem reported which depends on PAM, you can be
glad you run Slackware. I think a better name for PAM might be SCAM, for
Swiss Cheese Authentication Modules, and have never felt that the small
amount of convenience it provides is worth the great loss of system
security. We miss out on half a dozen security problems a year by not
using PAM, but you can always install it yourself if you feel that
you're missing out on the fun. (No, don't do that)
OK, I'm done ranting here. :-)
I suppose this is still a:
(* Security fix *)
In short, Pat's happy to live without the flexibility of
PAM in order to avoid the existing or up-coming exploits.
I can't comment on the validity of that point of view since
I haven't followed PAMs security history over the last 2 years,
but I've always lived by and prospered under the credo of "In Pat We Trust". :)
I think with the ever-growing usage of PAM it will become even more secure and stable. Additionally, migrating a full network to LDAP authentication would be nearly impossible without PAM, as I understand it.
However, I respect Pat and his reasoning. To each their own.