Package: libpam-runtime
Version: 1.0.1-7
Severity: critical

On some Debian unstable systems, configuring libpam-runtime leads to the following question:

    # dpkg-reconfigure libpam-runtime

    Pluggable Authentication Modules (PAM) determine how authentication,
    authorization, and password changing are handled on the system, as well
    as allowing configuration of additional actions to take when starting
    user sessions.

    Some PAM module packages provide profiles that can be used to
    automatically adjust the behavior of all PAM-using applications on the
    system. Please indicate which of these behaviors you wish to enable.

      1. Unix authentication  2. none of the above

    (Enter the items you want to select, separated by spaces.)

    PAM profiles to enable:

Pressing enter (with an empty default) results in Unix password authentication being turned off. This is unexpected and not very nice behavior.

I have labelled severity as critical as it had the effect of leaving a system accessible remotely without password for several days, during which typical ssh robo-scans were able to log in freely and trivially gain root.

--
Russell Senior ``I have nine fingers; you have ten.''
seni...@aracnet.com
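Added example, not part of the original report and not code from the package: a shell check for the situation described above, reporting whether a PAM auth stack file still loads pam_unix.so. It assumes the Debian layout in which the shared auth stack lives in /etc/pam.d/common-auth; the function names and the sample stacks are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a PAM auth stack file for a missing password check.

# check_pam_auth FILE
#   0 = an active "auth" line loads pam_unix.so
#   1 = no such line (nothing in this file verifies a Unix password)
#   2 = file is not readable
check_pam_auth() {
    [ -r "$1" ] || return 2
    # Drop comments, then look at module names on "auth" lines only
    # (a leading "-" marks a module that is allowed to be absent).
    sed 's/#.*//' "$1" | awk '
        $1 == "auth" || $1 == "-auth" {
            for (i = 2; i <= NF; i++)
                if ($i == "pam_unix.so" || $i ~ /\/pam_unix\.so$/) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# auth_modules FILE: print the modules named on active "auth" lines, in order.
auth_modules() {
    sed 's/#.*//' "$1" | awk '
        $1 == "auth" || $1 == "-auth" {
            for (i = 2; i <= NF; i++)
                if ($i ~ /\.so$/) out = out (out == "" ? "" : " ") $i
        }
        END { print out }'
}

# Constructed sample stacks (not taken from the report).
demo=$(mktemp -d)
printf '%s\n' \
    'auth [success=1 default=ignore] pam_unix.so nullok_secure' \
    'auth requisite pam_deny.so' \
    'auth required pam_permit.so' > "$demo/with-unix"
printf '%s\n' \
    '# stack with no password-checking module' \
    'auth required pam_permit.so' > "$demo/without-unix"

for f in "$demo/with-unix" "$demo/without-unix"; do
    if check_pam_auth "$f"; then
        echo "$f: OK, pam_unix.so is in the auth stack"
    else
        echo "$f: WARNING, no pam_unix.so; auth modules: $(auth_modules "$f")"
    fi
done
rm -rf "$demo"
```

On a Debian system the same function can be pointed at the live file with `check_pam_auth /etc/pam.d/common-auth`, for example after any change to the enabled PAM profiles.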