Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 22 May 2012 16:00:02 -0400
From: Rich Felker <dalias@...ifal.cx>
To: musl@...ts.openwall.com
Subject: Re: make -i with linux-pam

On Tue, May 22, 2012 at 08:45:24PM +0200, aep wrote:
> >They might be _used to_ it working, but that doesn't
> >necessarily mean they "want" it.
> 
> Heh, this is where the difference in mindset shows. I tend to think
> people using things, actually want them.

That would make sense if there were any evidence they chose to use
them, but if they just ended up with these things by default, it's not
so clear...

> >With that said, one acceptable approach might be to have utmp/wtmp
> >support exist, but silently bail out (reporting success) if the file
> >does not exist.
> 
> having utmp in libc is just so utterly wrong in the first place.
> This really belongs in the higher stack, where decisions like that
> can be made based on config files.

It really belongs in PAM. And not by PAM just making calls to libc,
but by PAM doing its own utmp-like thing if the admin wants to.

> Sounds like an interesting problem for your platform vision :)

No, sounds like a problem for somebody else's. My view is that layer
upon layer of unnecessary crap like this that's leaked into all sorts
of progams is what's led us to a bad platform. Part of why I'm such a
supporter of the POSIX standard in particular is because, despite the
flaws of some of its interfaces designed by committee, they did a
great job of looking at the historical corpus of crap and making
decisions about which interfaces are actually necessary and useful to
write user-facing applications, and which ones were purely part of the
ugly inner workings of historical systems. utmp is clearly among the
latter.

My platform goals are (in the abstract):

(1) To be able to run user-facing applications.

(2) To Get Stuff Done™ at the system level, without a lot of regard
for how it was traditionally done.

I suppose some people who are attached to tradition won't like the
last part of #2, but they don't like it in the FDO regime either, and
yet they go along with it, even though the FDO stuff generally doesn't
Get Stuff Done™ and suffers from massive bloat and unpredictable or
unstable behavior..


Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.