Package: pam-p11
Severity: wishlist
Version: 0.1.3-2

Currently, pam_p11_openssh.so and pam_p11_opensc.so use hardcoded file paths to determine where to look for matching keys. pam_p11_openssh examines ~/.ssh/authorized_keys and pam_p11_opensc reads ~/.eid/authorized_certificates.

It would be good if these paths were configurable by the system administrator via options in the system pam config.

One common case is that system administrators might not want to allow the end users to be able to modify their own login permission files. Unless the user is denied ownership of her home directory, either of these paths could be completely changed (or accidentally destroyed, or maliciously targeted by an exploited application) by the user, resulting in either a denial of service (new logins fail) or in exposing the user account to other access.

If such configuration is already possible, I wasn't able to figure out how to do it, either by reading the documentation or by skimming the source.

--dkg
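An added example, not part of the original report and not pam-p11 code: an audit check that lists every path component between a home directory and one of the two hardcoded key files through which a given uid could alter or replace that file. The function names (`control_points`, `demo`) and the constructed directory tree are assumptions made for illustration; symlinks are followed and ACLs are ignored.

```python
import os
import stat
import tempfile

# The two hardcoded per-user paths named in the report, relative to the home directory.
KEY_FILES = (".ssh/authorized_keys", ".eid/authorized_certificates")

def _controls(st, uid, gids, child_owner):
    """Can uid alter this file, or (for a directory) replace the entry below it?"""
    if st.st_uid == uid:                      # an owner can always chmod, then write
        return True
    bit = stat.S_IWGRP if st.st_gid in gids else stat.S_IWOTH
    if not st.st_mode & bit:
        return False
    if stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX and child_owner is not None:
        return child_owner == uid             # sticky dir: only an entry's owner may rename it
    return True

def control_points(home, rel_path, uid, gids=()):
    """Paths from the key file up to home (inclusive) that let uid change the key file."""
    home = os.path.abspath(home)
    path, found, child_owner = os.path.join(home, rel_path), [], None
    while True:
        try:
            st = os.stat(path)                # assumption: symlinks are followed
        except FileNotFoundError:
            st = None                         # missing: whoever controls the parent can create it
        if st is not None:
            if _controls(st, uid, gids, child_owner):
                found.append(os.path.relpath(path, home))
            child_owner = st.st_uid
        if path == home:
            return found
        path = os.path.dirname(path)

def demo():
    """Constructed tree: the current user plays the admin, uid+1 the account owner."""
    admin, user = os.getuid(), os.getuid() + 1
    home = os.path.join(tempfile.mkdtemp(), "home")
    ssh_dir = os.path.join(home, ".ssh")
    keyfile = os.path.join(home, KEY_FILES[0])
    os.makedirs(ssh_dir)
    open(keyfile, "w").close()
    for path, mode in ((home, 0o755), (ssh_dir, 0o755), (keyfile, 0o444)):
        os.chmod(path, mode)
    locked = control_points(home, KEY_FILES[0], user)    # user owns nothing, no write bits
    owned = control_points(home, KEY_FILES[0], admin)    # usual case: the user owns it all
    os.chmod(ssh_dir, 0o777)                             # one loose directory is enough
    return locked, owned, control_points(home, KEY_FILES[0], user)

if __name__ == "__main__":
    print(demo())
```

In the `owned` case the key file is mode 0444, yet all three components are reported, because ownership of the file or of any directory above it is enough to change or replace it.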