In <39709DC8.D460C273@wanadoo.fr> Martin Costabel (costabel@wanadoo.fr) wrote:
> John Covici wrote:
>>
>> Hi. I was reading the readme in the 2.4.0-test2 kernel documentation
>> tree for defs when I ran into the following mysterious passage
>>
>> /etc/securetty
>> PAM (Pluggable Authentication Modules) is supposed to be a flexible
>> mechanism for providing better user authentication and access to
>> services. Unfortunately, it's also fragile, complex and undocumented
>> (check out RedHat 6.1, and probably other distributions as well). PAM
>> has problems with symbolic links. Append the following lines to your
>> /etc/securetty file:
>>
>> 1
>> 2
>> 3
>> 4
>> 5
>> 6
>> 7
>> 8
>>
>> What does this mean since /etc/security is a directory and where
>> shhould these lines go anyway?
> Isn't that obsolete anyway?
It is.
> The devfs documentation does not always follow the devfs API changes.
True, but it's not the case.
> In any case, if I want to login as root, I have to put
> vc/1
> vc/2
> and so on into /etc/securetty.
Correct. This is since my one-liner change was incorporated in linux-utils
(NOT in devfs!) more then 8 months ago. So it can be true or false depending
on version of linux-utils NOT depending on version of devfs. With old
linux-utils you can write "0" in securetty and suddenly root login will
be allowed from /dev/vc/0, /dev/pts/0, /dev/tts/0 - in fact <anything>/0
was allowed. Since it does not look good from security standpoint
linux-utils were patched. Now you can specify what you REALLY want:
vc/0 or tts/0 ...
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Jul 15 2000 - 21:00:22 EST