Problematic pam-config

Question

Problematic pam-config

Closed this issue 8 years ago · 4 comments

Hi -

did you ever see this launch pad bug ? https://bugs.launchpad.net/ubuntu/+source/libpam-script/+bug/1411225 . I think this may still be a problem as I have just been bitten by the entries:

(account|auth|password) sufficient                      pam_script.so

being added to the common-* files leaving my Ubuntu instance open to a user with any password as was reported on launch pad.

I'm wondering if it would be better to omit this auto-configuration as a security precaution for others?

Thanks,
Piers Harding.

Answer 1 · 2016-08-22T07:27:03.000Z

No I didn't thanks for pointing out!

Answer 2 · 2016-08-22T07:39:00.000Z

Actually I'm removing the debian directory out of the source tree since it is maintained by a debian developer now. I have contacted him to replace all sufficient with optional so it keeps current pam stack intact.

Answer 3 · 2016-08-28T19:20:50.000Z

Thanks - can you point me to the debian maintained repository?

Cheers,
Piers Harding.

Answer 4 · 2016-10-05T09:33:04.000Z

You can find it at debian.org:
https://packages.debian.org/sid/libpam-script