[crux-devel] meeting notes & next IRC Meeting

Jay Dolan jdolan at jdolan.dyndns.org
Wed May 31 19:16:03 UTC 2006


Daniel Mueller wrote:
> You are comparing apples and oranges. There are lots of alternatives 
> for RPM
> (dpkg, pkgutils, ..). If you want your linux box joining a corporate network 
> with centralized password management (ldap, samba/ad or kerberos) -> PAM is 
> your (only) choice (AND YES: I know about "NIS" which works fully PAM-less 
> and is insecure as hell AND I know various commercial products I don't want 
> to talk about 'cause they just suck). 
>
>   

But.  How many CRUX users are connecting to corporate networks via ldap, 
samba, or kerberos?  Apparently you are..but let's make sure you're not 
a minority in this instance.  I run NIS here for our ~20 node CRUX 
office with no complaints.  I'm not saying that PAM isn't an option.  
But I was present at CC2K4 when it was unanimously considered bloat for 
this distro.

> Besides of the fact that you will get the possibility to join a corporate
> network with centralized password management, imagine the following scenario:
>
> You've got a brand-new laptop. Your new laptop has the disadvantage of being a 
> popular object of desire for pilferers. The harddisk contains most likely 
> private data (e.g. nude pics of your girlfriend). It's a good idea to encrypt 
> those private files. I hear you saying "Bah, no problem, I don't need PAM for 
> this". Okay; you would probably create some container files in your home 
> directory and mount them if needed. Now let's imagine the thief is a smart 
> one and he's looking for tracks in your home directory 
> (.bash_history, .kde/*, .gnome/*, thumbails/*  ..). 
> With PAM (pam_mount) it's possible to mount encrypted filesystems during the 
> logon session. That means you could encrypt your whole home directory and 
> mount it automaticlly during login. After you've logged out, PAM will unmount 
> it for you.
>   

Wtf?  Again, sorry, how does this even relate to, nevermind help, the 
majority of CRUX users?  No offense intended..I'm just.. wow (?)

But can I have those nudes?

-- 
Jay Dolan
jdolan.dyndns.org

A: Because it's annoying to read.
Q: Why is top-posting bad?
A: Top posting.
Q: What's the most annoying thing about usenet?





More information about the crux-devel mailing list