[RFC] Add CrackLib to Chapter 6 LFS

Justin R. Knierim lfs at lfs-matrix.net
Thu Aug 4 22:40:29 PDT 2005


Randy McMurchy wrote:

>Yet you give a -1 for the simple addition of a single little old
>library (and its dictionary) to LFS. Please provide something concrete,
>else I'll think you are just disagreeing for the fun of it. :-)
>
I was giving my honest opinion.  Just because I use cracklib in all my 
systems, does not mean I think it should be in the book.  And I would 
never disagree or cause chaos just for fun.

If you want something more concrete, here are some more also:

1.  it is optional
2.  there are other password libraries that someone might want to use
3.  it doesn't provide education value besides "install this package and 
you don't need to worry about passwords anymoer" which imo a link to a 
google search of "good passwords" would be better or a link to a 
security howto/doc
4.  others may want to install PAM with cracklib meaning they would have 
to recompile shadow anyways once they got to BLFS
5.  for a standalone/experimental system who cares if someone uses the 
password "password"
6.  It should be common sense that passwords should be difficult.  Just 
as someone shouldn't use 1234 as their bank pin or their luggage 
combination (in that case, 1, 2, 3, 4, 5!)

Justin



More information about the lfs-dev mailing list