Re: [arch-general] pam settings INSECURE

2009-11-18 Thread Attila
On Wednesday, 18 November 2009 14:07 Xavier wrote: I hope this could be a help for someone who knows how to configure pam.-) > And I am curious to know what the pam settings of other distro are > (debian,fedora,gentoo,..). Opensuse with the KDE43 repo has no /etc/pam.d/kde file and they used f

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread Caleb Cushing
> As far as the people I know, passwd -d and passwd -l are the most > common ways to do this. They do NOT change the shell. Changing the > shell to lock out an account is laughable expiredate would be more appropriate but again it didn't seem to be instant. locking the password is good but it 'rep

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread RedShift
Caleb Cushing wrote: so here's the problem I've discovered http://xenoterracide.blogspot.com/2009/11/bypassing-disabled-accounts-with-kdm.html < links to arch bug included posting here because I believe both kde's and arch's developers responses are less than satisfactory. This is a security bug

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread Aaron Griffin
On Tue, Nov 17, 2009 at 11:56 PM, Allan McRae wrote: > Caleb Cushing wrote: >> >> so here's the problem I've discovered >> >> http://xenoterracide.blogspot.com/2009/11/bypassing-disabled-accounts-with-kdm.html >> < links to arch bug included posting here because I believe both kde's >> and arch's

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread Xavier
On Wed, Nov 18, 2009 at 2:24 PM, Jan de Groot wrote: > On Wed, 2009-11-18 at 14:17 +0100, bender02 wrote: >> On Wed, Nov 18, 2009 at 2:07 PM, Xavier wrote: >> > And I am curious to know what the pam settings of other distro are >> > (debian,fedora,gentoo,..). >> > >> > Finally, maybe it makes sen

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread Jan de Groot
On Wed, 2009-11-18 at 14:17 +0100, bender02 wrote: > On Wed, Nov 18, 2009 at 2:07 PM, Xavier wrote: > > And I am curious to know what the pam settings of other distro are > > (debian,fedora,gentoo,..). > > > > Finally, maybe it makes sense to try keeping all the different pam > > login files as co

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread bender02
On Wed, Nov 18, 2009 at 2:07 PM, Xavier wrote: > And I am curious to know what the pam settings of other distro are > (debian,fedora,gentoo,..). > > Finally, maybe it makes sense to try keeping all the different pam > login files as consistent as possible. But I don't know enough about > pam to te

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread Xavier
On Wed, Nov 18, 2009 at 6:40 AM, Caleb Cushing wrote: > so here's the problem I've discovered > http://xenoterracide.blogspot.com/2009/11/bypassing-disabled-accounts-with-kdm.html > < links to arch bug included posting here because I believe both kde's > and arch's developers responses are less th

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread bender02
2009/11/18 Ng Oon-Ee : > The *disadvantage* is that the devs/maintainers have to patch up-stream. > This should be kept to a minimum, primarily to reduce their workload, > and also because it is ASSUMED that if you use Arch, you're capable of > doing the Right Thing (tm) according to your situation

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread Ng Oon-Ee
On Wed, 2009-11-18 at 03:49 -0500, Caleb Cushing wrote: > > > > Minimal modification of packages. Allow users to choose for themselves > > instead of doing work for them. I fail to see the security implications > > here for the common user, why would someone want to lock out a user > > without dele

Re: [arch-general] pam settings INSECURE

2009-11-18 Thread Caleb Cushing
> > Minimal modification of packages. Allow users to choose for themselves > instead of doing work for them. I fail to see the security implications > here for the common user, why would someone want to lock out a user > without deleting the account except a system admin, who presumably would > kno

Re: [arch-general] pam settings INSECURE

2009-11-17 Thread Ng Oon-Ee
On Wed, 2009-11-18 at 02:24 -0500, Caleb Cushing wrote: > > Oh no. It has been 1 day and my "bug" is not fixed! I must blog about it so > > the world listens to me... > > also no one has presented a /good/ reason for not fixing it, only > reasons they don't think it should be fixed. you could do

Re: [arch-general] pam settings INSECURE

2009-11-17 Thread Caleb Cushing
> Oh no.  It has been 1 day and my "bug" is not fixed! I must blog about it so > the world listens to me... also no one has presented a /good/ reason for not fixing it, only reasons they don't think it should be fixed. you could do abc or d things that I can think of... but no one has said why sec

Re: [arch-general] pam settings INSECURE

2009-11-17 Thread Caleb Cushing
On Wed, Nov 18, 2009 at 12:56 AM, Allan McRae wrote: > Caleb Cushing wrote: >> >> so here's the problem I've discovered >> >> http://xenoterracide.blogspot.com/2009/11/bypassing-disabled-accounts-with-kdm.html >> < links to arch bug included posting here because I believe both kde's >> and arch's

Re: [arch-general] pam settings INSECURE

2009-11-17 Thread Allan McRae
Caleb Cushing wrote: so here's the problem I've discovered http://xenoterracide.blogspot.com/2009/11/bypassing-disabled-accounts-with-kdm.html < links to arch bug included posting here because I believe both kde's and arch's developers responses are less than satisfactory. This is a security bug

[arch-general] pam settings INSECURE

2009-11-17 Thread Caleb Cushing
so here's the problem I've discovered http://xenoterracide.blogspot.com/2009/11/bypassing-disabled-accounts-with-kdm.html < links to arch bug included posting here because I believe both kde's and arch's developers responses are less than satisfactory. This is a security bug and easy to fix without