On Fri, 2004-04-30 at 08:55, Svante Signell wrote: > Is the bug #243698 in libpam0g really resolved in version 0.76-20? I > still get the security warnings in my logfiles. What is referred to in > the changelog.Debian for the null password check: passwd, shadow etc? > How are these related to the /etc/pam.d/* files. Eg. the > /etc/pam.d/common-password has the following entry enabled: > password required pam_unix.so nullok obscure min=4 max=8 md5 > > An alternate solution is in the same file. Is this solution to prefer? > # password required pam_cracklib.so retry=3 minlen=6 difok=3 > # password required pam_unix.so use_authtok nullok md5 > > If possible, please explain or if possible give a HOWTO- or an FAQ- > pointer that describes the current pam behaviour. > > changelog.Debian entry below: > pam (0.76-20) unstable; urgency=medium > > * Update to patch 55 to only check securetty when we are sure the > password is null, Closes: #243698 > * Medium urgency because the version now in testing has confusing and > verbose log messages. > * Include pam_getenv script which hopefully will be used by some > people somewhere for some purpose > > -- Sam Hartman <[EMAIL PROTECTED]> Wed, 28 Apr 2004 22:51:18 -0400 > > Please Cc: me since I'm not subscribed to debian-user > > On Tue, 2004-04-20 at 15:27, Colin Watson wrote: > > On Mon, Apr 19, 2004 at 08:57:13PM +0200, Svante Signell wrote: > > > I find these messages in my logfiles. What has changed recently? > > > The access to the tty devices is crw-rw---- and owned by root.tty. > > > > > > sshd[4196]: (pam_securetty) access denied: tty 'ssh' is not secure ! > > > xscreensaver: (pam_securetty) access denied: tty ':0.0' is not secure ! > > > > This is a filed bug against pam.
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
