[Slackbuilds-users] LinuxPAM has been in the pending queue for months.

Didier Spaier didier.spaier at epsm.fr
Fri Oct 22 07:44:22 UTC 2010


Le 22/10/2010 09:07, crocket a écrit :
> It seems LinuxPAM doesn't attract enough attention.
> Somebody needs to do something about this.

I am not an admin but here is a quote of Slackware 9.1's Changelog:

"n/openssh-3.7.1p2-i486-1.tgz:  Upgraded to openssh-3.7.1p2.
   This fixes security problems with PAM authentication.  It also includes
   several code cleanups from Solar Designer.  Slackware does not use PAM and is
   not vulnerable to any of the fixed problems.
   Please indulge me for this brief aside (as requests for PAM are on the rise):
     If you see a security problem reported which depends on PAM, you can be
     glad you run Slackware.  I think a better name for PAM might be SCAM, for
     Swiss Cheese Authentication Modules, and have never felt that the small
     amount of convenience it provides is worth the great loss of system
     security.  We miss out on half a dozen security problems a year by not
     using PAM, but you can always install it yourself if you feel that
     you're missing out on the fun.  (No, don't do that)
   OK, I'm done ranting here. :-)
   I suppose this is still a:
   (* Security fix *)"

May-be this explain that ?


More information about the SlackBuilds-users mailing list