In <m366q7las1.fsf@ccs.covici.com> John Covici (covici@ccs.covici.com) wrote:
> Hi. I was reading the readme in the 2.4.0-test2 kernel documentation
> tree for defs when I ran into the following mysterious passage
Grrr. There are STILL described this gaping security hole ? Hosh. You should
use recent enough util-linux and add
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
instead (I do not remeber well with which version of linux-utils you can
safely use devfs and allow root to use consoles but NOT ptys and serial
ports in the same time). For old linux-utils this suggestion is unsecure
and for new ones it's PLAIN WRONG so what's the point ?
> /etc/securetty
> PAM (Pluggable Authentication Modules) is supposed to be a flexible
> mechanism for providing better user authentication and access to
> services. Unfortunately, it's also fragile, complex and undocumented
> (check out RedHat 6.1, and probably other distributions as well). PAM
> has problems with symbolic links. Append the following lines to your
> /etc/securetty file:
> 1
> 2
> 3
> 4
> 5
> 6
> 7
> 8
> What does this mean since /etc/security is a directory and where
> shhould these lines go anyway?
> Any assistance would be appreciated.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Jul 15 2000 - 21:00:22 EST