> > Minimal modification of packages. Allow users to choose for themselves > instead of doing work for them. I fail to see the security implications > here for the common user, why would someone want to lock out a user > without deleting the account except a system admin, who presumably would > know what to do and would not need a 'simple one-step process'. maybe, but it all depends should the admin have to do a full system security audit? after making these changes I shouldn't have any problems with kdm, the system is more secure and there are no disadvantages that I can see. I just can't understand why I had to go through all of this to start, sure I could make my system even MORE secure but it's just unnecessary. also one implication in the modified file I sent is currently failed logins (w/ kdm) don't get logged... but I don't suppose that the average user reads their failed user authentication logs, or cares that say a roommate has been trying to crack there account by hand (because they aren't smart enough to know how to mount a system drive with a livecd (yes I've had this happen this is why we hash passwords and make them in the first place not all users are as smart as us)). > I'd > wager most Arch users simply have 1 account they use all the time, and > perhaps a guest account for others to use. perhaps so... but as I've said this doesn't negatively impact them. the size is negligible and the benefits are helping people who are ignorant of weak pam settings and may not have checked that an account they thought was disabled actually was. I'm just happy I checked. > This isn't a security hole, and it isn't the responsibility of Arch devs > to make decisions for the users except in extreme cases. > how is this making decisions for users? arch makes decisions for users all the time. I'd guess that arch has done SOME setup of pam. It's a distributions job to make relatively sane and secure defaults. a distibution shouldn't do insane security, like require usb key auth (unless that kind of security is distro focus). but if there's no serious performance impact, and no visible user impact, then why should a distro implement a secure as possible by default setup? -- Caleb Cushing http://xenoterracide.blogspot.com