diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/pam_env/pam_env.8.xml | 5 | ||||
| -rw-r--r-- | modules/pam_env/pam_env.c | 3 |
2 files changed, 8 insertions, 0 deletions
diff --git a/modules/pam_env/pam_env.8.xml b/modules/pam_env/pam_env.8.xml index 1e455576..75ff862b 100644 --- a/modules/pam_env/pam_env.8.xml +++ b/modules/pam_env/pam_env.8.xml @@ -163,6 +163,11 @@ behavior of subsequent modules in the stack without the consent of the system administrator. </para> + <para> + Due to problematic security this functionality is deprecated + since the 1.5.0 version and will be removed completely at some + point in the future. + </para> </listitem> </varlistentry> diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c index 4aa3777f..f5f8cead 100644 --- a/modules/pam_env/pam_env.c +++ b/modules/pam_env/pam_env.c @@ -120,6 +120,9 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv, pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv); } + if (*user_readenv) + pam_syslog(pamh, LOG_DEBUG, "deprecated reading of user environment enabled"); + return ctrl; } |