Package: login Version: 1:4.1.5.1-1 Severity: grave Tags: security Justification: user security hole
Dear Maintainer, Debian GNU/kFreeBSD logs me with a wrong egid. I did the following steps: 1. Install a new copy of Debian GNU/kFreeBSD 2. Configure the system to use LDAP authentication 3. Add an LDAP user to a local group (e.g. sudo) 4. Log into that user Then, I found that bash does not read the configuration files since gid and egid are different. This is wrong. The egid should be the same as the primary gid when logging in. Refer to #698102 for more details. Regards, Michael -- System Information: Debian Release: 7.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_HK.UTF-8, LC_CTYPE=en_HK.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages login depends on: ii libc6 2.13-37 ii libpam-modules 1.1.3-7.1 ii libpam-runtime 1.1.3-7.1 ii libpam0g 1.1.3-7.1 login recommends no packages. login suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
