diff options
| author | Steve Langasek <vorlon@debian.org> | 2019-01-02 12:24:44 -0800 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2019-01-02 12:27:24 -0800 |
| commit | a6f4ab0bebc76acf85cc0244bd21c1036009c28c (patch) | |
| tree | df0d6a57d2b91ab9038e8d7b0d62f28c2daa66db /debian/patches-applied/046_pam_group_example | |
| parent | 10b6243f4664747e815372070142d6c5853176da (diff) | |
| download | pam-a6f4ab0bebc76acf85cc0244bd21c1036009c28c.tar.gz pam-a6f4ab0bebc76acf85cc0244bd21c1036009c28c.tar.bz2 pam-a6f4ab0bebc76acf85cc0244bd21c1036009c28c.zip | |
fix-up commit for grafting svn history onto git history
Diffstat (limited to 'debian/patches-applied/046_pam_group_example')
| -rw-r--r-- | debian/patches-applied/046_pam_group_example | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/debian/patches-applied/046_pam_group_example b/debian/patches-applied/046_pam_group_example new file mode 100644 index 00000000..c885c822 --- /dev/null +++ b/debian/patches-applied/046_pam_group_example @@ -0,0 +1,27 @@ +Patch for Debian bug #197080 + +Don't use the 'games' group as an example in group.conf, this is a +potential security hole. + +Authors: Peter Cordes <peter@llama.nslug.ns.ca> + +Upstream status: committed to CVS + +Index: Linux-PAM/modules/pam_group/group.conf +=================================================================== +--- Linux-PAM/modules/pam_group/group.conf.orig ++++ Linux-PAM/modules/pam_group/group.conf +@@ -88,10 +88,11 @@ + # + # another example: running 'xsh' on tty* (any ttyXXX device), + # the user 'sword' is given access to games (through membership of +-# the floppy group) after work hours ++# the sound and play group) after work hours. (The games group owns ++# high-score files and so on, so don't ever give users access to it.) + # + +-#xsh; tty* ;sword;!Wk0900-1800;games, sound ++#xsh; tty* ;sword;!Wk0900-1800;sound, play + #xsh; tty* ;*;Al0900-1800;floppy + + # |