Date: Saturday, January 5, 2019 @ 14:50:54 Author: dreisner Revision: 343005
Use restrictive fallback for "other" PAM service This is the upstream default as per: http://www.linux-pam.org/Linux-PAM-html/sag-security-issues-other.html Making this change requires that all programs gain PAM services specific to their needs. Modified: pambase/trunk/other -------+ other | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) Modified: other =================================================================== --- other 2019-01-05 14:43:16 UTC (rev 343004) +++ other 2019-01-05 14:50:54 UTC (rev 343005) @@ -1,5 +1,9 @@ #%PAM-1.0 -auth required pam_unix.so -account required pam_unix.so -password required pam_unix.so -session required pam_unix.so +auth required pam_deny.so +auth required pam_warn.so +account required pam_deny.so +account required pam_warn.so +password required pam_deny.so +password required pam_warn.so +session required pam_deny.so +session required pam_warn.so
