Sorry I missed your previous email. I think you misunderstood.
> Why can't sudo be used as a channel for password guessing?
It absolutely can. The point is the delay is security theatre. It's
entirely optional - anyone that wants to use sudo as a password guessing
channel can easily opt out of th
> "Tim" == Tim Hutt writes:
Tim> By default, on Debian and derivatives, `sudo` has a ~2 second
Tim> delay for incorrect password attempts. This serves no security
Tim> purpose whatsoever and merely annoys the user.
It's not obvious to me that it serves no security purpose.
Why can
Package: libpam-runtime
Version: 1.5.2-6+rpt2+deb12u1
Severity: normal
File: common-auth
X-Debbugs-Cc: tdh...@gmail.com
Dear Maintainer,
By default, on Debian and derivatives, `sudo` has a ~2 second delay for
incorrect password attempts. This serves no security purpose whatsoever and
merely ann
3 matches
Mail list logo
