Well I am telling you that sufficient + sufficient for pam_ldap and pam_unix in common-auth leads to any user being able to log in with blank password. So something is not behaving properly here. Your assumption re sufficient + sufficient (which I though too it was right) is incorrect, I tested this.
Cheers -- pam configuration could use safer defaults https://bugs.launchpad.net/bugs/152912 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
