diff options
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | modules/pam_faillock/pam_faillock.8.xml | 2 | ||||
| -rw-r--r-- | modules/pam_lastlog/pam_lastlog.8.xml | 2 | ||||
| -rw-r--r-- | modules/pam_limits/pam_limits.c | 2 | ||||
| -rw-r--r-- | modules/pam_sepermit/sepermit.conf | 2 | ||||
| -rw-r--r-- | modules/pam_tty_audit/pam_tty_audit.8.xml | 2 | ||||
| -rw-r--r-- | modules/pam_userdb/pam_userdb.c | 2 |
7 files changed, 8 insertions, 8 deletions
@@ -1,8 +1,8 @@ Linux-PAM NEWS -- history of user-visible changes. Release 1.5.1 -* pam_unix: fixed CVE-2020-27780 - authentication bypass when an - user doesn't exist and root password is blank +* pam_unix: fixed CVE-2020-27780 - authentication bypass when a user + doesn't exist and root password is blank * pam_faillock: added nodelay option to not set pam_fail_delay * pam_wheel: use pam_modutil_user_in_group to check for the group membership with getgrouplist where it is available diff --git a/modules/pam_faillock/pam_faillock.8.xml b/modules/pam_faillock/pam_faillock.8.xml index f43b4015..58c16442 100644 --- a/modules/pam_faillock/pam_faillock.8.xml +++ b/modules/pam_faillock/pam_faillock.8.xml @@ -234,7 +234,7 @@ Note that using the module in <option>preauth</option> without the <option>silent</option> option specified in <filename>/etc/security/faillock.conf</filename> or with <emphasis>requisite</emphasis> control field leaks an information about - existence or non-existence of an user account in the system because + existence or non-existence of a user account in the system because the failures are not recorded for the unknown users. The message about the user account being locked is never displayed for non-existing user accounts allowing the adversary to infer that a particular account diff --git a/modules/pam_lastlog/pam_lastlog.8.xml b/modules/pam_lastlog/pam_lastlog.8.xml index a2f14fc2..bada2ea0 100644 --- a/modules/pam_lastlog/pam_lastlog.8.xml +++ b/modules/pam_lastlog/pam_lastlog.8.xml @@ -286,7 +286,7 @@ <title>EXAMPLES</title> <para> Add the following line to <filename>/etc/pam.d/login</filename> to - display the last login time of an user: + display the last login time of a user: </para> <programlisting> session required pam_lastlog.so nowtmp diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index 9ecc272a..10049973 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -50,7 +50,7 @@ /* Module defines */ #define LINE_LENGTH 1024 -#define LIMITS_DEF_USER 0 /* limit was set by an user entry */ +#define LIMITS_DEF_USER 0 /* limit was set by a user entry */ #define LIMITS_DEF_GROUP 1 /* limit was set by a group entry */ #define LIMITS_DEF_ALLGROUP 2 /* limit was set by a group entry */ #define LIMITS_DEF_ALL 3 /* limit was set by an all entry */ diff --git a/modules/pam_sepermit/sepermit.conf b/modules/pam_sepermit/sepermit.conf index 951f3dfe..0a12cd83 100644 --- a/modules/pam_sepermit/sepermit.conf +++ b/modules/pam_sepermit/sepermit.conf @@ -1,7 +1,7 @@ # /etc/security/sepermit.conf # # Each line contains either: -# - an user name +# - a user name # - a group name, with @group syntax # - a SELinux user name, with %seuser syntax # Each line can contain optional arguments separated by : diff --git a/modules/pam_tty_audit/pam_tty_audit.8.xml b/modules/pam_tty_audit/pam_tty_audit.8.xml index e346c689..1c0ba5c4 100644 --- a/modules/pam_tty_audit/pam_tty_audit.8.xml +++ b/modules/pam_tty_audit/pam_tty_audit.8.xml @@ -129,7 +129,7 @@ <title>NOTES</title> <para> When TTY auditing is enabled, it is inherited by all processes started by - that user. In particular, daemons restarted by an user will still have + that user. In particular, daemons restarted by a user will still have TTY auditing enabled, and audit TTY input even by other users unless auditing for these users is explicitly disabled. Therefore, it is recommended to use <option>disable=*</option> as the first option for diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c index a46cd276..dc2ca232 100644 --- a/modules/pam_userdb/pam_userdb.c +++ b/modules/pam_userdb/pam_userdb.c @@ -133,7 +133,7 @@ _pam_parse (pam_handle_t *pamh, int argc, const char **argv, /* - * Looks up an user name in a database and checks the password + * Looks up a user name in a database and checks the password * * return values: * 1 = User not found |