The day Slackware meets PAM: Wed Feb 12 05:05:50 UTC 2020
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Just a word of advice, its pretty terrible idea for security to hook pam into everything. Like the changelog says, this is a much bigger attack surface and doesn't really gain anything for most users. If it really must be added it should be done only where absolutely necessary, but even then I doubt most users will gain any benefits.
Just a word of advice, its pretty terrible idea for security to hook pam into everything. Like the changelog says, this is a much bigger attack surface and doesn't really gain anything for most users. If it really must be added it should be done only where absolutely necessary, but even then I doubt most users will gain any benefits.
I'm not familiar with PAM. Can you be more specific? I use SSH, OpenVPN and StrongSwan. Does the inclusion of PAM compromise them, or render them less secure? Does it make these specific targets bigger and easier to hit?
Just a word of advice, its pretty terrible idea for security to hook pam into everything. Like the changelog says, this is a much bigger attack surface and doesn't really gain anything for most users. If it really must be added it should be done only where absolutely necessary, but even then I doubt most users will gain any benefits.
Three technologies with a very reduced attack surface:
Just a word of advice, its pretty terrible idea for security to hook pam into everything. Like the changelog says, this is a much bigger attack surface and doesn't really gain anything for most users. If it really must be added it should be done only where absolutely necessary, but even then I doubt most users will gain any benefits.
PAM is not all that complex a beast; in fact the code to check authorization against PAM is in most cases simpler than other means. PAM has been around a long time and has had a lot of eyes. Remember it stands for Pluggable Authentication Modules, I will grant you if you start using lots of low-quality modules and make highly complex rules about them, you might end up less secure. If you are using Pat's out of box config (I have not looked yet but I assume) that is just going after local files passwd/group/shadow than I really don't see how you can make a credible claim the security posture is appreciably different, at least in a negative way, than the way things were before yesterday.
Tue Feb 11 19:33:45 UTC 2020
Here is KDE 5_20.02 for Slackware, consisting of the KDE Frameworks 5.67.0,
Plasma 5.18.0 and Applications 19.12.2. All this on top of Qt 5.13.2.
The ktown updates are targeting Slackware -current only.
Updates of the KDE 5 package sets for Slackware 14.2 have come to an end.
Upgrading from the previous 5_20.01 is straight-forward.
Read the accompanying README file for detailed installation and
upgrade instructions!
Note: the KDE 5_20.02 'testing' repository contains PAM support and is
meant to be used with the PAM packages in Slackware-current's '/testing'!
Upgrading now, but I'll left tests for the time when they reach -current tree (can't break anything now as I'm too busy with work).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.