On Sat, Jan 15, 2000 at 05:04:32PM -0500, Decklin Foster wrote:
> Ethan Benson writes:
>
> > should mingetty allow control C to work?
> > the delay may be cancelled this way which some would consider a
> > security problem..
>
> IMHO it's fine. You can't exactly brute force a password if you have
> to actually do the typing on a keyboard, and mingetty only works on
> the console. For example, with xdm there's no delay at all. It's
> telnet sessions and modem gettys that we have to worry about, because
> that's where you can set up expect or somesuch to type the passwords
> in for you.
Exactly. And considering the number of times I mistype my login, it's
nice to just bang my head against the table, and hit ^C and start over
than having to wait... wait... wait.
>
> If I'm totally off base, someone please correct me, because I always
> go and cut the delay time in /etc/login.defs from 3 seconds to 1.
>
I suppose that would be a solution if ^C no longer worked, but aren't you
supposed to do it in /etc/pam.d/* now?
--
Please always Cc to me when replying to me on the lists.
"If you continue running Windows, your system may become unstable."
-- Windows 95 BSOD
Dwayne C. Litzenberger - dlitz@cheerful.com
See the mail headers for GPG/advertising/homepage information.
Attachment:
pgpEBqPXWG1kn.pgp
Description: PGP signature