diff options
| author | hartmans <Unknown> | 2002-05-05 18:52:37 +0000 |
|---|---|---|
| committer | hartmans <Unknown> | 2002-05-05 18:52:37 +0000 |
| commit | 4165aa44b3e597acd32a569c96889ec084e1a93c (patch) | |
| tree | 22b334ed363d00b146b1b5aee1c41ef6fe8d29ac | |
| parent | 9c4fff523192594bfbb354dd4c52d9197046c0e2 (diff) | |
| download | pam-4165aa44b3e597acd32a569c96889ec084e1a93c.tar.gz pam-4165aa44b3e597acd32a569c96889ec084e1a93c.tar.bz2 pam-4165aa44b3e597acd32a569c96889ec084e1a93c.zip | |
Document securetty change
| -rw-r--r-- | README.debian | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/README.debian b/README.debian index 464d40ef..03620cfc 100644 --- a/README.debian +++ b/README.debian @@ -11,4 +11,16 @@ Application Developers' Guide" and "The Linux-PAM Module Writers' Guide". The Debian default configuration is to emulate the old UNIX authentication. +Changes Since Debian 3.0 +------------------------ + +The pam_securetty module used to prompt for a password when it was +going to fail access. This Debian-specific patch defeats one of the +key uses of this module: ot deny access to privileged accounts soon +enough in the PAM stack that the password is never requested and is +not compromised over insecure network links. If you want to ask for +the password use required not requisite in your PAM config. + + + J.H.M. Dassen (Ray) <jdassen@debian.org>, Wed, 23 Sep 1998 22:53:15 +0200 |