[arch-commits] Commit in pambase/trunk (other)
Dave Reisner
dreisner at archlinux.org
Sat Jan 5 14:50:55 UTC 2019
Date: Saturday, January 5, 2019 @ 14:50:54
Author: dreisner
Revision: 343005
Use restrictive fallback for "other" PAM service
This is the upstream default as per:
http://www.linux-pam.org/Linux-PAM-html/sag-security-issues-other.html
Making this change requires that all programs gain PAM services specific to
their needs.
Modified:
pambase/trunk/other
-------+
other | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
Modified: other
===================================================================
--- other 2019-01-05 14:43:16 UTC (rev 343004)
+++ other 2019-01-05 14:50:54 UTC (rev 343005)
@@ -1,5 +1,9 @@
#%PAM-1.0
-auth required pam_unix.so
-account required pam_unix.so
-password required pam_unix.so
-session required pam_unix.so
+auth required pam_deny.so
+auth required pam_warn.so
+account required pam_deny.so
+account required pam_warn.so
+password required pam_deny.so
+password required pam_warn.so
+session required pam_deny.so
+session required pam_warn.so
More information about the arch-commits
mailing list