On Wed, May 22, 2019, 04:32 Christian Heimes <christ...@python.org> wrote:
> On 22/05/2019 12.19, Steven D'Aprano wrote:
> > I don't think this PEP should become a document about "Why you should
> > use PAM". I appreciate that from your perspective as a Red Hat security
> > guy, you want everyone to use best practices as you see them, but it
> > isn't Python's position to convince Linux distros or users to use PAM.
>
> I think the PEP should make clear why spwd is bad and pining for The
> Fjords. The document should point users to correct alternatives. There is
> no correct and secure way to use the spwd module to verify user accounts.
> Any use of spwd for logins introduces critical security bugs.
>
> By the way, all relevant BSD, Linux, and Darwin (macOS) distributions come
> with PAM support. Almost all use PAM by default. AFAIK only the minimal
> Alpine container does not have PAM installed by default. This is not Red
> Hat trying to evangelize the world. PAM is *the* industry standard on
> Unix-like OS.
>

The removal of spwd seems reasonable to me, and I don't think you need to write 20 separate PEPs for each module, but I do think you should split the spwd/crypt modules off into their own PEP. The discussion about these modules is qualitatively different than some of the others (the security implications etc.), and trying to mix qualitatively different discussions always makes people frustrated.

-n