Bug#1066979:

2025-01-22 Thread Tim Hutt
Sorry I missed your previous email. I think you misunderstood.
> Why can't sudo be used as a channel for password guessing?
It absolutely can. The point is the delay is security theatre. It's entirely optional - anyone that wants to use sudo as a password guessing channel can easily opt out of th

Bug#1066979: common-auth: sudo should not have incorrect password delay

2024-03-16 Thread Tim Hutt
Package: libpam-runtime
Version: 1.5.2-6+rpt2+deb12u1
Severity: normal
File: common-auth
X-Debbugs-Cc: tdh...@gmail.com
Dear Maintainer,
By default, on Debian and derivatives, `sudo` has a ~2 second delay for incorrect password attempts. This serves no security purpose whatsoever and merely ann