Specifically, the current status means that on stretch systems, any accounts relying on the default pam_unix nullok_secure to allow null- password accounts to log in from local terminals only are open to access by anyone who ssh's in and happens to get get pts/0 or pts/1.
- Bug#914957: login: removal of pts/* from /etc/s... russm
- Bug#914957: additional russm
- Processed: Re: Bug#914957: login: removal ... Debian Bug Tracking System
- Bug#914957: login: removal of pts/* from /... Salvatore Bonaccorso
- Bug#914957: [Pkg-shadow-devel] Bug#914... Bálint Réczey
- Bug#914957: [Pkg-shadow-devel] Bug... Michael Biebl
- Processed: Re: [Pkg-shadow-devel] Bug#9149... Debian Bug Tracking System
